Apparent Hack – users cannot log in or log out

  • jpridemore

    (@jpridemore)


    8 years, 5 months ago

    Recently, users to a website I maintain complained of not being able to log in. They would input their user name and password and hit enter. The screen would refresh and remain. I visited a user’s home where this happened to experience the problem first hand. I took my Chromebook along. When I, too, could not log on using their computer, I opened my chromebook (which was logged on to the website). Once I gained access to their network, I could see that I was still logged on. I tried to log out and could not. It seemed the logoff button would not work. After trying several things, I thought of disabling the All In One Security plug in. Alas, I was able to log off and log back in, no problem. Conclusion, it seems this plug in was hacked on my website, and was not letting the residents ip address log in or log out. This occurred a few days earlier for another user. I replaced All In One Security and Firewall with Wordfence. I googled this issue and did not get a hit, hence I am writing this to share this experience.

    PS, I tried to report this at the All In One Security site and was unable to get past their captcha.

Viewing 1 replies (of 1 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    8 years, 5 months ago

    Hi, thank you for the information you shared. I can assure you that this plugin has not been compromised in any manner. What you experienced is probably a compatibility issue between a plugin and some settings enabled in AIOWPS.

    If you choose to use our plugin again, let us know so that we can try and help you troubleshoot the issue you experienced.

    I am also happy to hear that you found an alternative security plugin.

    Kind regards

Viewing 1 replies (of 1 total)

The topic ‘Apparent Hack – users cannot log in or log out’ is closed to new replies.