If you’re on Dean Hunt’s mailing list you’ll already have seen his post on Wordpress blogs being hacked, so no need to read any further.
If you’re not on his list then, if you’re a Wordpress user, you need to read this.
It’s an article about how Dean’s Wordpress blog was hacked in a very sophisticated way. So sophisticated that, unless you’re a Wordpress coder, or very technically minded, you probably won’t even know it’s been hacked.
Until your Google search results placings disappear. Which they will if you’re hacked and your blog contains links to Spam sites.
Dean’s post about what happened to his blog explains it far better than I ever could. It also contains a link to a tool that will enable you to check whether you’ve been hacked and steps you should take to protect yourself.
So, again, if you’re a Wordpress user and haven’t read his post on how his site was hacked, read it here.
And, as Dean suggests, spread the message.
Other Articles You Might Like:
{ 2 trackbacks }
{ 4 comments… read them below or add one }
Hi Martin,
Yesterday I discovered that someone had added a bit of code (encrypted script) that is connecting out to phishing sites. I’ve identified most of them and removed the code, but I don’t know how the hell they got in and I’m using the latest version of WP.
Sean
Hi Sean,
How’s happy Bangkok..?
Well done on catching and zapping that code.
There are two plugins that I’ve just installed and activated which, I hope, will improve security on this blog:
1) askapache-password-protect. Encrypted password protects the wp-admin directory and prevents direct updates of *.php files in the wp-includes and wp-content directories.
2) wp-security-scan. Scans the WP installation for security leaks. (I’m forever forgetting to make theme files non-writable after editing them and have to go back and do it after the event. Luckily I seem to have caught them all!).
I’ll implement them on the WTC blog over the weekend.
Did you discover that encrypted code with the cache checker that Paul at SEOidiot developed or just through your own checking..?
Cheers,
Martin.
Hi Martin,
Nice post.
I just posted an article on ‘Keeping your Blog Secure’ based upon this post. There are a lot of good resources out there, but the problem will certainly not go away anytime soon.
Cheers,
e.
Eric´s last blog post..Most Popular Browser, Screen Size
Hey Dude,
I agree – in fact I think the problem’s going to get steadily worse, not better.
These spammers and scammers are becoming more and more sophisticated by the day.
Constant vigilance and a security mindset are an absolute requirement if we’re to keep our sites from being hacked.
Hmmm – that sounds like a subject for a post..!
Cheers,
Martin.