The MU forums have moved to WordPress.org

First page of blogs in Site Admin / Blogs list vanish - twice? (6 posts)

  1. dgilmour
    Member
    Posted 12 years ago #

    Yesterday around mid-day the earliest blogs on my system vanished. They appeared to have been deleted with Site Admin delete tools. The blogs no longer existed, and their upload directories were empty. No other damage was reported, or apparent.

    I figured that maybe a Site Admin had made a mistake, or left a password stored. I removed the additional Site Admins until I could be sure passwords had been reset, and burnt midnight oil recovering the blogs from backup.

    All worked fine today until the same set vanished again. They have in common that they are the ones which would appear first in the Site Admin / Blogs list. I still have no additional Site Admins.

    I now realise that the one thing I didn't do in the middle of the night was change my admin password. Doh!

    Has anyone seen this sort of thing before? I am worried that the system has been compromised in some way I don't understand, but don't see any likely forum posts. Version is 1.5.1. Help appreciated.

  2. Trent
    Member
    Posted 12 years ago #

    That is a real problem isn't it dgilmour. I don't recall if there were any security issues with 1.5.1 that might be the problem, but maybe backup your site 6 ways from Sunday and upgrade to 2.6.1.

    I would change all the passwords and maybe change the admin email address in case it is an admin's email that is compromised. It might be something unrelated to your WPMU that is the security breach if it exists.

    There are others that will chime in on this as well, but just thought I would share what my thoughts would be.

    Trent

  3. andrea_r
    Moderator
    Posted 12 years ago #

    What about the recent bug fixed in 2.6 where deleting a blog wound up deleting ALL blogs starting with that number?

  4. dgilmour
    Member
    Posted 12 years ago #

    Thanks both for quick response.

    @Trent: I wanted to gain confidence that 1.5.1 was running reliably before introducing more changes, but will consider 2.6.1 upgrade. Will get Site Admin passwords changed, and look for a way to force others (~1000) to change. Don't understand significance of email address, but will change anyway.

    One thing that's different this time is that the upload directories and files haven't been affected, all are still there. It's possible protections have changed when I restored them, will check that tomorrow. Last night's late session now catching up on me...

  5. Trent
    Member
    Posted 12 years ago #

    You wouldn't have 1000 "site-admins" for the entire site though right? Just change the ones that have access to delete blogs, users, etc from the administration area for the entire site, not the blog admins.

    I only mentioned the site-admin email address as I was thinking that maybe someone had access to your email and even a change in password would be sent to them as well as you. Might be a little "over the top" paranoid though and not neccessary ;)

    Donncha has stated that he considers 2.6.1 as stable as the 1.5.x branch, but it is up to you on the upgrade. Andrea also brought up a bug that was in 2.6 that deleted blogs out of the blue, but that is now fixed in the 2.6.1 release.

    Trent

  6. dgilmour
    Member
    Posted 12 years ago #

    Thanks Trent. Yes, it's just a small number who have Site Admin.

About this Topic

  • Started 12 years ago by dgilmour
  • Latest reply from dgilmour