ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Security breach

May 10, 2011 11:06am

Subscribe [4]
  • #1 / May 10, 2011 11:06am

    v3imaging

    17 posts

    I’m the administrator for our companies EE 2.1.2 account. I received a email the other day with notification that a new member had registered. I don’t no this individual and completely unaware how he was able to gain access to our EE software infrastructure. No one else within our organization added them as a member. I proceeded to delete the membership only to have them register again today.

    How would someone be able to gain access to our EE without knowing our login security info, and how do I combat this issue?

    Thank you for your time.

  • #2 / May 10, 2011 12:42pm

    Boyink!

    5011 posts

    If you didn’t change the member profile triggering word they’re probably just guessing at the URL to the registration forms.  You can also turn off member registrations.

  • #3 / May 10, 2011 1:07pm

    v3imaging

    17 posts

    Is there away to turn off member registration without affecting new member registration in the member group?

    Thanks!

  • #4 / May 10, 2011 1:09pm

    Boyink!

    5011 posts

    Sorry, I’m not following.  You can’t have member registration both on and off.

  • #5 / May 11, 2011 4:26am

    John Henry Donovan

    12339 posts

    v3imaging,

    We have a nice article by Lisa here that covers preventing registration spam.

    EE Blog : Fighting Registration Spam

    Also I can recommend the Securing ExpressionEngine2 by Mark Huot. It gives some great advice about locking down an EE site.

  • #6 / May 11, 2011 10:24am

    v3imaging

    17 posts

    Thank You!

  • #7 / May 12, 2011 8:05am

    Sue Crocker

    26054 posts

    So v3imaging, is this enough info to assist in understanding what options you have?

  • #8 / May 12, 2011 12:17pm

    v3imaging

    17 posts

    Yes! Thank you for all your help.

  • #9 / May 12, 2011 12:53pm

    Sue Crocker

    26054 posts

    Glad to hear. Feel free to start a new thread if you have any more questions.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases