Posts Tagged ‘hackers’
Secure your WordPress Blog. Upgrade Now!
September 5, 2009 by Emily
Around the Web
There is a worm that has been making it’s way around since yesterday that is attacking WordPress blogs with older versions. If you haven’t upgraded to the current version, please do so right now. Otherwise there is a very high chance your blog will be compromised and it’s much harder to clean up a hacked blog than to upgrade it and keep it secure in the first place.
I’ve noticed some confusion among users at other sites, so I want to make this clear. If you have the current version of WP, which is 2.8.4, you are safe, your blog is immune from this worm. If you have an older version, especially a much older version, you need to upgrade ASAP. Also, this only applies to self-hosted WP blogs. Blogs on wordpress.com aren’t affected because they are always current.
Matt goes into specifics about this worm and the importance of upgrading over on the dev blog and I encourage you to go read it.
CommentsWeb 101: Fixed a hacked site and prevent it from happening again – Part 2
September 16, 2008 by Emily
Web 101
In my previous post I talked about what to do to fix a hacked site. This post is about things you can do to make WordPress more secure so that something like that doesn’t happen again (or ever). The basic things were mentioned in the last post: change your passwords regularly, use strong passwords and always have the most current version of WP. But here are some other things you can do:
Web 101: Fixed a hacked site and prevent it from happening again – Part 1
September 9, 2008 by Emily
Web 101
A client and Swank hostee emailed me a few days ago because her browser had notified her that her blog had been marked as suspicious by Google and she didn’t know how or why that had happened. Further checking revealed that google had found malicious software being downloaded and installed without user consent. Her site had been hacked and the hacker had added malicious code to her blog template.
Unfortunately, this can happen to anyone and there are a myriad of ways that a hacker can get into your site. I believe in this instance that the hacker was able to guess her password, which was a very simple name. So what is one to do if your site is hacked? My client had no clue and I know that not everyone has a trusted designer or tech support that they can email with problems such as these (plus speed is key, so waiting around for help can be frustrating), so I thought I’d write up a checklist of things you should do to remove malicious code from your hacked site and prevent it from happening again (or ever if it hasn’t happened yet). I’m specifically going to be using WordPress blogs as an example since almost my entire clientele uses WordPress, but most of these things can be applied to all content management systems.
