Problems with backing up and unauthorized user signed in

…website has been signed into by an unauthorized user (wordfence alert).

If you are the only user at your site and/or you do not have to be concerned about other people making typos when trying to log in, go to Wordfence Options and check “Immediately lock out invalid usernames”. Doing that will not fix whatever intrusion hole someone had used, but I do think it might at least stop the actual login.

I know I need to back up my site and I’ve tried before but gotten these messages…

Those messages are from that specific plugin as part of its own setup process and can be fixed by manually copying-and-pasting certain files into place. I will try to help you with that if you want to do that, but my suggestion to you would be to install the BulletProof Security plugin that will “Harden WordPress” for you and also give you an already-protected option for database backup. However, *nobody* considers a folder at your site as being a safe place to store database backups. Hence, and with either plugin, it is far better to download a backup than to store one at your site.

Thank you leejosepho! I will do both immediately. Thank you.

BulletProof Security can seem a bit intimidating at first, but it is completely safe and will not break anything…and just let me know if you might need a bit of help in knowing where to click what to set it up.

I checked and the “immediately lock out invalid usernames” was already checked. This was the alert I woke up to this morning:

A user with username “systemwpadmin” who has administrator access signed in to your WordPress site.
User IP: 91.218.228.69
User hostname: https://www.host.com

Unless you are using “admin” for yourself, put this in the Wordfence slot for “Immediately block the IP of users who try to sign in as these usernames”: admin,administrator,support,systemwpadmin

Edit: You should also change the MySQL password for your database access, and that has to be done in two places. Do you have access to cPanel at your host?

Edit: Also check at Dashboard > Users and edit systemwpadmin to “No Role at this site” and change its password if that account appears there.

You’re great for sticking with me. Thank you. I understand and will do the first part. The “Edit” is a bit wordpress201 for this newbie. Can you walk me through it? I promise, I’m a quick study ??

You bet, and one little bit at a time.

At your hosting account, you should/might have cPanel where you can use MySQL Databases and File Manager to change your MySQL password and then copy that to your wp-config.php file. So, log in at your host and see what you see there…

You’re a rock star. Thanks. I just signed into my host and I see where I can change it there. Before I do that, I want to make sure I also know where to change it on wordpress so I don’t get myself stuck.

At cPanel > File Manager, find your WordPress installation and make a copy (copy-and-paste a backup copy locally or however you like to do that kind of thing) of your wp-config.php file. Then look in that file and find this:

/** MySQL database password */
define('DB_PASSWORD', 'password_here');

Whatever you currently have in that ‘password_here’ space is your current MySQL Password at cPanel > MySQL Databases…and that is the one you want to change both there in wp-config.php and at cPanel > MySQL Databases.

Also there in wp-config.php, you will find this:

/** MySQL database username */
define('DB_USER', 'username_here');

Find that username at cPanel > MySQL Databases, then change its Password right there and then copy that same new password into place in wp-config.php and refresh your browser at your site. If you get any kind of “Cannot connect to database error”, that would only be because you somehow failed to get the same password saved into both places.

Thanks. I’ll try.