I’m a little late writing this, but at least that’s due to being busy and not being lazy 😉
A few weeks ago word got out about WordPress being hacked. The short version- attacks were/are being made on WordPress based sites that have a user with the username ‘admin’. They scan the web, find a site, use the username admin and try tons of passwords in order to get into your account. This is why strong passwords are highly recommended over easy to remember stuff.
Are you vulnerable? Let’s find out and get you fixed right away. Log into your admin area and click on Users. You may or may not have a lot of users on your website depending on your set up, if you do, just click on Administrators to narrow things down.
Now look at the usernames, do you see ‘admin’? If not, you are safe! If you do, follow the steps below right away before something happens.
1. Create a new user and give that user admin rights. You will need to use an alternate email address, but you can switch that back after all is said and done.
2. Log in as new user
3. Delete the account associated with ‘admin’, when you do this WordPress will ask what to do with all of the content. Choose to attribute the post/pages to your new admin account.
4. Relax. You are now safe