We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Surprise name seen in CP Login field

February 18, 2011 7:26am

Subscribe [2]

  • #1 / Feb 18, 2011 7:26am

    JayJ

    10 posts

    Hi there,

    I recently came to login to my website’s CP and on double clicking the Username field, I saw someone else’s username there. This person is not a work colleague or anyone I know.

    Logging onto the CP and checking the user, I see that this person registered last week. The next worry, is that this person left all the required fields blank and yet the system still allowed him to register. He is only flagged as a “Member” - but it’s still a concern. Just for the record, his email looks genuine.

    How has this user got onto my system, and what can I do to prevent this happening again?

    I am currently running 1.6.9. The original developers of the website left the system folder in the default location, is that a concern? It’s been like that for 3 years. I’m guessing it’s far to late to change that now?

    Cheers, Jay

  • #2 / Feb 18, 2011 9:13am

    Sue Crocker

    26054 posts

    Is this particular site using any membership functions?

    I’d download 1.7.0 and do the following:

    Turn off registrations temporarily.

    Change the trigger word for members. Kill of any Members that haven’t logged in for the past 90 days (or some other arbitrary number).

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register