Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Wordpress insecurities

  1. #1
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts

    Wordpress insecurities

    If any of you has advice on how to make a wordpress blog more secure, please let us know. One we're working on has just been hacked. The site will be under attack due to its political nature, so please advise if we should even use wordpress due to the insecurities.

    Mike
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  2. #2
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts
    This is worse than I thought. HaCkEd By HaCKeR-MaN Anybody with advice please give it. The hacker planted index.php unto his server and overwrote all files in the same hosting account.
    Last edited by Mike Dammann; 1 January, 2009 at 17:27 PM.
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  3. #3
    Shenron's Avatar
    Shenron is offline Administrator
    Join Date
    Dec 2008
    Location
    Portugal
    Posts
    1,900
    Blog Entries
    2
    Thanks
    561
    Thanked 548 Times in 368 Posts
    What version are you using?

  4. #4
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts
    2.6.5 ..................................
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  5. #5
    Aquarezz's Avatar
    Aquarezz is offline Master Net Builder
    Join Date
    Dec 2008
    Location
    Belgium
    Posts
    3,852
    Blog Entries
    4
    Thanks
    683
    Thanked 591 Times in 463 Posts
    Download 2.7... only latest versions are secure

    Greets
    |Nico Lawsons

  6. #6
    DickTracy is offline Newbie Net Builder
    Join Date
    Dec 2008
    Posts
    116
    Thanks
    12
    Thanked 19 Times in 12 Posts
    The most important thing is to use an up to date version of wordpress - as far as I know 2.6 is generally OK. I haven't changed to 2.7 yet, but will soon. Versions 2.5 and earlier were vulnerable to very extensive hacking - I and many others had blogs hacked using earlier versions.

  7. #7
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts
    The person took every site in the same hosting account down, wondering now if in fact it was wordpress that they got in with.
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  8. #8
    Shenron's Avatar
    Shenron is offline Administrator
    Join Date
    Dec 2008
    Location
    Portugal
    Posts
    1,900
    Blog Entries
    2
    Thanks
    561
    Thanked 548 Times in 368 Posts
    I doubt.
    Are you sure there was no server password leak?

  9. #9
    Mike Dammann's Avatar
    Mike Dammann is offline Super Moderator
    Join Date
    Dec 2008
    Location
    Geographically flexible
    Posts
    964
    Blog Entries
    3
    Thanks
    237
    Thanked 182 Times in 148 Posts
    Could have been. Not sure who else she gave the pw to.
    For blood type dating go here. If your blood type is rhesus negative, go there. If you are bored and feel like liking a Facebook page, hit this one.

  10. #10
    Shenron's Avatar
    Shenron is offline Administrator
    Join Date
    Dec 2008
    Location
    Portugal
    Posts
    1,900
    Blog Entries
    2
    Thanks
    561
    Thanked 548 Times in 368 Posts
    Do you still have the databases intact?
    If you do I suggest you take them out and restart every single blog from a brand new 2.7 install on top of those.
    Make sure you're using the latest versions of every plugin (use trustful plugins only) and double check your template code so you can be sure there's no harmful code there.

Page 1 of 3 123 LastLast

Similar Threads

  1. [Wordpress] - WordPress 3.0 Release Candidate
    By StephenM in forum Community Software
    Replies: 0
    Last Post: 28 May, 2010, 02:35 AM
  2. Replies: 5
    Last Post: 14 January, 2010, 03:58 AM
  3. [WTS] Hoover Wordpress Blog (Unquie Wordpress Theme)
    By Marcell Purham in forum Themes
    Replies: 0
    Last Post: 15 December, 2009, 20:36 PM
  4. Replies: 29
    Last Post: 18 September, 2009, 11:24 AM
  5. Replies: 14
    Last Post: 30 August, 2009, 02:33 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •