Hi guys, I have encountered a serious problem, since some days I am seeing that some one posting on my blog without my information. Daily I see new post on my blog. I even do not set my blog on "anyone can register". I made my blog open for registration some months ago and there are some registered users. But now I set all the users to "author" and I know that on my WP version "author" can not post article on my blog. Please help me what happening with my blog and what is the solution. Thanks lot in advance.
What is the link to your site? I don't know of any version where "Author" means anything other than enabling someone to write. Change all subscribers to "Subscribers" setting and if you did not allow anyone to register, you could go check the Users listing and if there is someone in there, either change their password (you as admin have that capability), or simply delete them. Another safeguard I would do is change your admin password to something that contains at least one of each of the following 1234 etc... @#$% etc... asdf etc... DFHY etc... This will make it just about impossible for them to decrypt it. Also if your site is WordPress, you can get a plugin called "Login Lockdown" which will only allow 3 to 5 tries at logging in, then it will lock that IP address out from further tries for one hour. good luck with your efforts and your problem. Kelvin Nikkel
somebody hacked you admin account for the site and is posting with it , change password , check pc for any keyloggers , change email password and scan through your hosting server for any unwanted files
I tested on my WP blog my changing the user role to "author" and then I login with that user and there no any posting option appear on the left side. I do not set any user to subscriber. I have somehow 56 users that assigned as "author" and those are very old users. Those users not posting any article. Daily I get new registration and also posting. Yesterday I installed one plugin name "stealth login" which allow me to change the WP login URL. I thought that my blog is now secure, but today I got two news users register on my blog and also two posting. I am really confuse whats going on actually.
Hay, You have to change your login information, Change your Email ID plus password. Somebody got your weak side. and plz tell here what is the status.
Hey thanks for our reply, I have changed password and also install one plugin that is "stealth login" by which I can change the wp-admin to my custom URL, but still I am getting posting. I already deleted all the Users from my blog, but now articles are posting by using my account.
Just delete any author on your wordpress account and allow only the administrator account belongs to you alone. After that change the administrator password by using a combination of letters and numbers.
Ya I changed the login password and also the email id, but still it is happening. If someone there that can exactly inform me whats going on there?
Yeah this could be the reason. Another thing make sure that Remote Publishing options are disabled. For this Go to Settings>Writing scroll down to Remote Publishing and uncheck the two options: -> Atom Publishing Protocol -> XML-RPC
apart from wp robot check if there is any other plugin that has the options to fetch articles from other website and post it.
Aside from these, there is also Post by Email. You might want to make sure that is disabled. Also, as other members have mentioned, you need to change the other users registered in your Wordpress site as Subscribers instead of Authors. Authors and Administrators can post on the website. If you want to be the only one posting on the website, then change the other users to Subscribers, maintain your Administrator status and change your password. Hope that helps. Have a good day!
Hi Guys my problem has been solved, there was a plugin( Sorry I can not not remember the name ) that automatically rewrite my old blog post and posting as a new post. After I disabled the plug in I solved the problem. Well thanks all of you for your valuable replies.
I really feel like theres a need to address this. Why are you people posting the same information after it has been said by 1 person. There is no necessarily reason to be posting the same thing over and over. Second there is no need to know his Website URL. There are like 2-4 people that asked " whats your URL", "whats your site URL" etc.... There are no reasons for you to be asking what his URL is. And Blog4Fun glad to hear that you have resolved your issue.