Page 3 of 3 FirstFirst 123
Results 21 to 27 of 27

Thread: Wordpress insecurities

  1. 3 January, 2009, 15:48 PM #21
    Shenron's Avatar
    Shenron
    Shenron is offline Administrator
    Join Date
    Dec 2008
    Location
    Portugal
    Posts
    1,900
    Blog Entries
    2
    Thanks
    561
    Thanked 548 Times in 368 Posts
    Cool!
    Make sure you check your posts for "injected content".

    Go to your mysql database - wp_posts and check the content there.

    I've had some problems before with hidden html code.
    Reply With Quote Reply With Quote

  2. Thanked by:

    Mike Dammann (3 January, 2009)
  3. 3 January, 2009, 17:06 PM #22
    Mike Dammann's Avatar
    Mike Dammann
    Mike Dammann is offline Super Moderator
    Send a message via MSN to Mike Dammann Send a message via Yahoo to Mike Dammann Send a message via Skype™ to Mike Dammann
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    950
    Blog Entries
    3
    Thanks
    235
    Thanked 178 Times in 146 Posts
    Thank you to everyone who has helped!
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.
    Reply With Quote Reply With Quote
  4. 4 January, 2009, 02:00 AM #23
    elishevadpw's Avatar
    elishevadpw
    elishevadpw is offline Net Builder
    Send a message via Yahoo to elishevadpw Send a message via Skype™ to elishevadpw
    Join Date
    Dec 2008
    Location
    under the equator
    Posts
    120
    Thanks
    40
    Thanked 45 Times in 17 Posts
    Quote Originally Posted by Shenron View Post
    Cool!
    Make sure you check your posts for "injected content".

    Go to your mysql database - wp_posts and check the content there.

    I've had some problems before with hidden html code.
    What is "injected content"?
    Student Loan Forgiveness | Bali Villas | Article Distribution by James Stein
    Reply With Quote Reply With Quote
  5. 4 January, 2009, 14:17 PM #24
    Shenron's Avatar
    Shenron
    Shenron is offline Administrator
    Join Date
    Dec 2008
    Location
    Portugal
    Posts
    1,900
    Blog Entries
    2
    Thanks
    561
    Thanked 548 Times in 368 Posts
    SQL injection - Wikipedia, the free encyclopedia

    Typically hackers inject some hidden content into your posts body (usually at the begining)

    You can catch those by browsing your Mysql results and look for odd html tags
    Reply With Quote Reply With Quote
  6. 4 January, 2009, 14:56 PM #25
    5starpix's Avatar
    5starpix
    5starpix is offline Senior Net Builder
    Send a message via AIM to 5starpix Send a message via MSN to 5starpix Send a message via Yahoo to 5starpix Send a message via Skype™ to 5starpix
    Join Date
    Dec 2008
    Location
    Montreal, Quebec
    Posts
    1,708
    Blog Entries
    9
    Thanks
    157
    Thanked 225 Times in 162 Posts
    Quote Originally Posted by Shenron View Post
    SQL injection - Wikipedia, the free encyclopedia

    Typically hackers inject some hidden content into your posts body (usually at the begining)

    You can catch those by browsing your Mysql results and look for odd html tags
    Do you think there is a way to prevent that?
    Mining Equipment Distributors
    Glocast Telecom International
    Web Hosting Reviews
    Plants Archive
    Reply With Quote Reply With Quote
  7. 4 January, 2009, 15:28 PM #26
    Shenron's Avatar
    Shenron
    Shenron is offline Administrator
    Join Date
    Dec 2008
    Location
    Portugal
    Posts
    1,900
    Blog Entries
    2
    Thanks
    561
    Thanked 548 Times in 368 Posts
    Keeping your Wordpress and plugins updated it's the best recipe.
    Reply With Quote Reply With Quote
  8. 17 January, 2009, 01:28 AM #27
    thatsfine's Avatar
    thatsfine
    thatsfine is offline Newbie Net Builder
    Join Date
    Jan 2009
    Location
    In Your Heart......
    Posts
    23
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Hello,

    There is also one more major security issue with wordpress.

    /wp-contents/uploads have CHMOD 777

    Hackers Upload a Phishing site in there. So change the CHMOD to 755.

    Make Wordpress Better.

    Thanks
    Reply With Quote Reply With Quote
Page 3 of 3 FirstFirst 123
« Previous Thread | Next Thread »

Similar Threads

  1. [Wordpress] - WordPress 3.0 Release Candidate
    By StephenM in forum Community Software
    Replies: 0
    Last Post: 28 May, 2010, 02:35 AM
  2. WordPress Performance: Simple, Elegant way to speed up a slow WordPress!
    By Canonical in forum Wordpress
    Replies: 5
    Last Post: 14 January, 2010, 03:58 AM
  3. [WTS] Hoover Wordpress Blog (Unquie Wordpress Theme)
    By Marcell Purham in forum Themes
    Replies: 0
    Last Post: 15 December, 2009, 20:36 PM
  4. WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]
    By Aquarezz in forum Wordpress
    Replies: 29
    Last Post: 18 September, 2009, 11:24 AM
  5. Wordpress Site Hacked - Upgrade to WordPress 2.8.4
    By bogart in forum Wordpress
    Replies: 14
    Last Post: 30 August, 2009, 02:33 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules