Forum

Thread tagged as: Question, Problem

Unauthorized primary admin

Hello,

A little background: I have recently “inherited” the website of the animal rescue I volunteer for from a web designer who has moved on. She is still the primary admin for our Perch account and owns the license. I have an admin account. I am not a web designer/developer.

For the second time this year we have discovered unauthorized primary admins, who appear to be hackers, on our Perch user list.

I’m wondering how this is possible, where would they be logging in from to make themselves primary admins? Would it be the file manager in cpanel? How can we prevent this?

Thanks for any help and support!

Roisin Kerr

Roisin Kerr 0 points

  • 3 years ago
Rachel Andrew

Rachel Andrew 394 points
Perch Support

Is your Perch install up to date? If not then you should make sure you update to at least the latest version of Perch 2.

Our support is aimed at web designers and developers, if you don't have those skills then you would need o get help from someone who does. We would suggest looking at our list of Registered Developers.

Ok thank you. We are using 2.3.2, I'm not sure what the latest version of Perch 2 is.

I've since found that they changed the following parameters in config.php file found in perch > config

define('PERCH_EMAIL_FROM', 'nyuwunsewu1337@outlook.com'); define('PERCH_EMAIL_FROM_NAME', 'mc afee');

But everything else is unchanged. Not sure the implications of this?

The mail needs to be changed at the file level, not the perch interface. So this has been changed by someone with ftp or ssh access to the server. You need to change the root access passwords and check all your security settings. It does require a developer to go through all the security settings and logs to see if there is unauthorised activity. Maybe a dog is trying to escape.