This post points to a story about how a Web Marketers blog was hacked, how he discovered the problem, and how you can protect yourself from the hack….

I agree – in fact I think the problem’s going to get steadily worse, not better.

These spammers and scammers are becoming more and more sophisticated by the day.

Constant vigilance and a security mindset are an absolute requirement if we’re to keep our sites from being hacked.

Hmmm – that sounds like a subject for a post..!

Cheers,

Martin.

Nice post.

I just posted an article on ‘Keeping your Blog Secure’ based upon this post. There are a lot of good resources out there, but the problem will certainly not go away anytime soon.

Cheers,
e.

Eric´s last blog post..Most Popular Browser, Screen Size

How’s happy Bangkok..?

Well done on catching and zapping that code.

There are two plugins that I’ve just installed and activated which, I hope, will improve security on this blog:

1) askapache-password-protect. Encrypted password protects the wp-admin directory and prevents direct updates of *.php files in the wp-includes and wp-content directories.

2) wp-security-scan. Scans the WP installation for security leaks. (I’m forever forgetting to make theme files non-writable after editing them and have to go back and do it after the event. Luckily I seem to have caught them all!).

I’ll implement them on the WTC blog over the weekend.

Did you discover that encrypted code with the cache checker that Paul at SEOidiot developed or just through your own checking..?

Cheers,

Martin.

Yesterday I discovered that someone had added a bit of code (encrypted script) that is connecting out to phishing sites. I’ve identified most of them and removed the code, but I don’t know how the hell they got in and I’m using the latest version of WP.

Sean