cancel
Showing results for 
Search instead for 
Did you mean: 

i want to block user adding in Magento ver. 1.9.0.1

SOLVED

i want to block user adding in Magento ver. 1.9.0.1

i want to block user adding in Magento ver. 1.9.0.1

 

someone is adding user to my admin panel always i need to remove again  and again

how can i block adding user in admin panel please help

1 ACCEPTED SOLUTION

Accepted Solutions

Re: i want to block user adding in Magento ver. 1.9.0.1

This is a common occurrence if your store is vulnerable to a known attack. Basically automated tools scanning the internet will automatically attack your store and create an admin user for later abuse by the attacker (although this is not guaranteed to be the problem). Here is a proposed solution:

 

Step 1.  Run your website through magereport.com to make sure there are no redflags denoting that your store has a known vulnerability first. If that comes up with anything I'd think you should fix that first. Ideally you can do so by upgrading to v1.9.3.4 (current latest 1.9 CE release) and then closing out anything else after that.

 

2. Once magereport is giving you an all clear and you've upgraded, circle back and we'll help walk you through ensuring that there is no persistent malware on your server. If you need help with those tasks, feel free followup here also with questions. 

 

-Talesh

 

P.S. don't post the results of your Mage Report scan here. Keep your domain anonymous from us on this public forum until it is properly fixed.

---------------------------------------------------
My Magento Security Podcast

View solution in original post

1 REPLY 1

Re: i want to block user adding in Magento ver. 1.9.0.1

This is a common occurrence if your store is vulnerable to a known attack. Basically automated tools scanning the internet will automatically attack your store and create an admin user for later abuse by the attacker (although this is not guaranteed to be the problem). Here is a proposed solution:

 

Step 1.  Run your website through magereport.com to make sure there are no redflags denoting that your store has a known vulnerability first. If that comes up with anything I'd think you should fix that first. Ideally you can do so by upgrading to v1.9.3.4 (current latest 1.9 CE release) and then closing out anything else after that.

 

2. Once magereport is giving you an all clear and you've upgraded, circle back and we'll help walk you through ensuring that there is no persistent malware on your server. If you need help with those tasks, feel free followup here also with questions. 

 

-Talesh

 

P.S. don't post the results of your Mage Report scan here. Keep your domain anonymous from us on this public forum until it is properly fixed.

---------------------------------------------------
My Magento Security Podcast