One Simple Fix To Your Hacker Problem

If you find yourself the victim of repeated hacking of your WordPress blogging platform, try deleting your Admin account and establishing a new account with a different name. Hackers often try to guess the passwords for the account names used by CMSs and other software. The Admin account name is the WordPress default and as such is the one most targeted in hacking attempts. Delete it and a part of your problem goes away.

Notice that I said “a part”. Deleting the Admin account won’t solve all of your problems, but if your hacker is using the tactic that was prevalent with the 2.8.3 version of WordPress then it is likely that your Admin account will be a target of a hacker attempt.

Another tactic hackers have used, and this one is much more sneaky, is to set up a Subscriber account and use a bot to turn that account into an invisible Admin account. This allows the hacker to change your Admin settings without your knowledge. Hackers will often then insert JavaScript code into the files of your WordPress themes, and it will be difficult to clean up because, as Admin, the hacker can do anything he wants to your files, including altering them. Here’s how to combat that:

  • Delete all suspicious-looking Subscriber accounts in your Admin user area
  • Delete any account using the username Admin or a variant
  • Set the security settings on all of your folders, in the cPanel area of your hosting account, to Read – uncheck the Write option

It’s important, if you are deleting accounts – especially the Admin account – to move all posts made under that account name to another account holder. So set up an alternative account under a different username before you delete your Admin account. And use a password for all of your accounts that is difficult to guess. No single-name passwords. Add some capital letters, special characters, and make it long.
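The three checks in the list above can be run as an audit before anything is deleted. The following is an added example, not code from the original post: it flags Admin-like usernames, flags accounts that hold the administrator role but are not on your own list of expected admins (which catches accounts hidden from the user screen), and lists folders that still have a Write bit set. It assumes a user export taken from the database with the default `wp_` table prefix; the sample rows, the `expected_admins` list and the "variant" heuristic are constructed for illustration.

```python
import os
import re
import stat

# Constructed sample rows: (user_login, wp_capabilities value from wp_usermeta).
# Not real accounts; the serialized-array format is how WordPress stores roles.
SAMPLE_USERS = [
    ("Admin", 'a:1:{s:13:"administrator";b:1;}'),
    ("jane_editor", 'a:1:{s:6:"editor";b:1;}'),
    ("reader4821", 'a:1:{s:10:"subscriber";b:1;}'),
    ("xz_sub19", 'a:1:{s:13:"administrator";b:1;}'),
    ("adm1n", 'a:1:{s:10:"subscriber";b:1;}'),
]

LEET = str.maketrans({"1": "i", "0": "o", "@": "a", "!": "i"})


def is_admin_variant(login):
    """Heuristic (an assumption of this example) for 'Admin or a variant'."""
    name = login.lower().rstrip("0123456789")   # admin1, admin2024 -> admin
    name = re.sub(r"[^a-z]", "", name.translate(LEET))
    return name in {"admin", "administrator"}


def roles(meta_value):
    """Role names granted (b:1) in a serialized wp_capabilities value."""
    return set(re.findall(r's:\d+:"([^"]+)";b:1;', meta_value))


def audit_users(users, expected_admins):
    """Return logins to review: admin-like names and unexpected administrators."""
    named = [u for u, _ in users if is_admin_variant(u)]
    hidden = [u for u, meta in users
              if "administrator" in roles(meta) and u not in expected_admins]
    return {"admin_named": named, "unexpected_admins": hidden}


def writable_dirs(root):
    """Relative paths of folders under root that still have any Write bit set."""
    write_bits = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH
    found = []
    for dirpath, _dirs, _files in os.walk(root):
        if os.stat(dirpath).st_mode & write_bits:
            found.append(os.path.relpath(dirpath, root))
    return sorted(found)


if __name__ == "__main__":
    print(audit_users(SAMPLE_USERS, expected_admins={"site_owner"}))
    print(writable_dirs("."))
```

Any login reported under `unexpected_admins` that you did not create yourself is a candidate for deletion, after its posts have been reassigned as described above.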