I am lost with wordfence and this buddypress maybe I am not

I am lost with wordfence and this buddypress maybe I am not set up right can someone help me please.
I am having allot of problems with getting messages of not knowing what's what. I don't know whats what if someone is a registered user or a hacker signing into this mess.
I am getting so many login logouts I am lost how do you tell whats what can someone please help me change the url to my admin area please. I am going ko ko. With this wordfence its not funny I hate wordfence all of the login logouts are looking the same to me is there a way I can change the admin area place.

  • Ash

    Hello @Vincent

    I hope you are well today and thanks for asking the question.

    Would you mind if I ask you to be more specific please? :slight_smile:

    I am having allot of problems with getting messages of not knowing what's what.

    What messages are you seeing? And where? Any example?

    I don't know whats what if someone is a registered user or a hacker signing into this mess.

    Would you please explain?

    If you want to change the url of admin, please try this plugin:
    http://wordpress.org/plugins/hc-custom-wp-admin-url/

    Hope it helps :slight_smile: Please feel free to ask more question if you have.

    Cheers
    Ash

  • Vincent

    Well thanks and how are you today its been a ruff road for me and I have a bad taste in my mouth for some reason as to why I would find me live chat in my site gone. If you are rung buddy press and have live chat plugin installed then you will see what I mean. Its been hard for me to get this thing right when I see things changing in my admin area. This is what my feelings are as being a programmer for about 7 years now.
    I build from scratch not a plugin a index.php and several other files a registration page activation page and also members page as well using index.html and php. With that said I went into wordpress to get things done faster quicker easier so it seemed. Until on or about 4/12/2014 I had seen these features missing out of the site http://www.fluffey.com. 1. the chat was gone missing off the top admin bar. 2. My permalinks was set to custom /contacts.
    After seeing this I was shocked I restored the site back to 2/17/2014 and then I seen the live chat was back although my permalinks was going to contacts. This would mean that somehow they had gotten into the admin area of my site or spoofed my cpanel account. In that I don't believe could happen if they were spoofing me yes. Although it seems they can get in through the wpmudev plugin I would imagine is this true how do you allow someone access to this area because things were changing.

  • PC

    Hello there Vincent,

    Thanks for posting back.

    All our plugins are tested for security vulnerabilities before they are pushed live so that we can rest assured that our plugins are safe. That is why we have a development team and a support team so that we can take care of stuff properly.

    The matter of the site settings getting changed can be related to a lot of stuff. Perhaps your host's cpanel security was hacked and someone got into the database for making changes. Did you get in touch with your host to see if they notice any unauthorized login attempts ?

    The only WPMU DEV plugin which allows a remote access is WPMU DEV Dashboard and that only communicates with our servers and only staff has access to the remote login. So no one from outside can remote login to your site.

    Cheers, PC

  • Vincent

    Hello there and hope you are well today that's important. The site is ok so far although I was getting some strange activity from spam in japan. I am using a askmi.net I believe it is api along with some other security.
    Whats I am trying to do is make it so people will need to upload a photo there are no photos I even gave them a photos page for making big photos. I see allot of what askme.net is saying is spam although when I check them against spamhaus.org they are not spam all green so I don't know who to believe anymore I think ask anti is pulling my fanny so to speak.
    They are real members with real names. You see why its so hard for me to finish development is because I am getting so many emails from logins to keep attention to. Although there is allot of activity no pictures this is strange to say the least. One thing at a time I want to see if I can figure this members plugin out I never set it up and I think I have plugins working that are multi site with just buddy press this may be a problem example the plugin enewsletter is only for multi site functions at one point it was installed and half working in my site and I did not get a warning about anything at all saying this is a multi site plugin only. So yes I am confused.
    My next step is going to be multi site I just don't prey I don't have any problems as long as other sites as well will still run under these functions I would guess its ok.

    My regards Vinny

  • aristath

    Hello again Vinny, I hope you're well today!

    On my sites a use a combination of these:

    * Akismet (is that the one you mean when you say aski.net?)
    * https://wordpress.org/plugins/limit-login-attempts/
    * Cloudflare

    I never had an issue with these 3 combined and I would highly recommend that combo!

    Akismet is anti-spam
    Limit Login Attempts will prevent brute-force attacks on passwords
    Cloudflare (I use their free plan, it's perfectly fine for security) will block DDOS attacks and most know spambots.

    I hope that helps!

    Cheers,
    Ari.

  • Vincent

    I am glad you are ok I hope. Because I am shocked to death.
    I was ripped on this emeeting dating software crap software never again. I am so sick it is not funny. I can not save an apache build at all on there software crashes with suspicious plugins named /tmp/oi_plugins.php file extension some people will go to anything to rip off someone its made me sick. This is not the way business should be I use a apache 5.4
    build with a solid function also no deprecated is not good no front page extensions at all. PHP security I know how to build very well and this other new server of mine is a emeeting mess sister I wish I new word press a long time ago these people should really be reprimanded for doing this to people it should be allowing people to make money is this not why we are doing this or are we here to just pay money well I am not I am here to make money.
    I don't care what they think of me I don't like rip offs. I learned the hard way it took me five years to learn I was ripped off.

    Regards have a great day! P.S people like that they come after with serious crime. Really sad I must add why do people do this is this what programming is about steeling well were I came from I don't do this to people all so now I have a site with 50030 members I am tossing away.
    Maybe I will try to sell it on line its not going to fly to well because I would not do this to someone see I am honest because I know whos watching matchudate.com is fake.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.