Printable View
If any of you has advice on how to make a wordpress blog more secure, please let us know. One we're working on has just been hacked. The site will be under attack due to its political nature, so please advise if we should even use wordpress due to the insecurities.
Mike
This is worse than I thought. HaCkEd By HaCKeR-MaN Anybody with advice please give it. The hacker planted index.php unto his server and overwrote all files in the same hosting account.
What version are you using?
2.6.5 ..................................
Download 2.7... only latest versions are secure ;)
Greets
The most important thing is to use an up to date version of wordpress - as far as I know 2.6 is generally OK. I haven't changed to 2.7 yet, but will soon. Versions 2.5 and earlier were vulnerable to very extensive hacking - I and many others had blogs hacked using earlier versions.
The person took every site in the same hosting account down, wondering now if in fact it was wordpress that they got in with.
I doubt.
Are you sure there was no server password leak?
Could have been. Not sure who else she gave the pw to.
Do you still have the databases intact?
If you do I suggest you take them out and restart every single blog from a brand new 2.7 install on top of those.
Make sure you're using the latest versions of every plugin (use trustful plugins only) and double check your template code so you can be sure there's no harmful code there.