User with ID 0 doing bad things

  • Resolved Jose Luis Cruz

    (@joseluiscruz)


    8 years ago

    Hi, I have a weird problem, and I wanted to ask you your opinion.

    According to the Stream logs, yesterday an unknown user with ID 0, deleted almost all the widgets we had in one of our websites (more than 20, all in less than one second). Ip 207.46.13.117 which seems to be a Microsoft bingbot ip.

    We have the WordPress pretty secured. So I suspect the editing may have been done directly in the database through a vulnerability in the hosting. But I can’t be sure.

    Since you know more about how your plugin logs events. Do you think that possible?

    thank you

Viewing 2 replies - 1 through 2 (of 2 total)

  • Have you looked at the server’s log of HTTP activity for the website to see if there were requests from that IP address at that time or any other requests that occurred then?

    Thread Starter Jose Luis Cruz

    (@joseluiscruz)

    Yes, the only request by that IP at that time was a GET request for a non-existant page… Its all very weird.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘User with ID 0 doing bad things’ is closed to new replies.