Here's a puzzler for the computerheads that know more about Internet skullduggery than I. I haven't engaged in skullduggery for at least 30 years so I'm kind of rusty. Lol.

So I've had an instance of Enterprise / Unlimited WordPress installed and running on my server for a long time. My server is a Linux machine that I rent from 1and1 / ionos.

For top level administration, I disabled the default admin user and created a different user with admin privileges that I use. This account is under continuous login attack. I'm not terribly worried because the password is a long random string and I have timed lockout measures in place. It's kind of hard to try billions of possibilities when you're locked out for 20 minutes.

What puzzles me is how did they discover the username, which is also a random string? They have the right username. How was it discovered?

Any ideas? I'm really just curious.

I should perhaps remind that my original puzzle was "how did the attackers learn the username?" The username is a unique string of random characters, not used anywhere except as the username of a WordPress user. Not an email user. Not a user anywhere else.

That's my puzzle.

@shuttersparks Without knowing more about your specific setup, the answer is, there are leaks. Even in an HTTPS-enabled system. If you think those leaks don't imply other threats to your site's safety, then you're all set.
