WordPress is now so popular that hackers are targeting WordPress websites. Some sites we look after were hacked by the “brute force” approach, i.e. programmatically trying usernames and passwords until they can log in.
Types of hacks:
Luckily we do various checks which enabled us to pick up the following:
- header.php hacked: hidden links showed up as the description in a Google search result.
- footer.php hacked: again hidden links, found when doing a Xenu Link Sleuth check that reported strange external outgoing links.
- page content hacked: badly done. The content appeared to have disappeared because of the hidden style and bad tags, and it was missing from the editing window too. When we checked the database, however, the content was still there, with lots of spam links appended at the bottom.
Following some of the links, we saw that other sites were unintentionally hosting hundreds of pages that presumably did not show in their menus but could still be reached with a ?page_id= query link.
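The hidden-link symptom in all three cases above (header.php, footer.php, page content) is the same: anchors wrapped in an element that inline CSS keeps off screen. The following script is an added example, not code from the original post or from WordPress, that scans a rendered page (or a post_content value pulled from the database) for links inside hidden elements and flags which of them point off-site. The sample footer HTML, the site hostname and the `.invalid` spam domains are constructed for the demonstration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline CSS patterns that typically hide injected spam links from visitors.
# Matching is deliberately loose; a false positive is cheap to review by hand.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none"
    r"|visibility\s*:\s*hidden"
    r"|(?:left|top|text-indent)\s*:\s*-\d{3,}px"       # pushed far off screen
    r"|font-size\s*:\s*0(?:px|pt|em)?\s*(?:;|$)",      # zero-sized text
    re.I,
)

# Elements that never get a closing tag, so they must not sit on the tag stack.
VOID = {"br", "img", "input", "hr", "meta", "link", "area", "base", "col", "source", "wbr"}


class HiddenLinkFinder(HTMLParser):
    """Collect <a href> targets that sit inside an element hidden by inline CSS."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.stack = []          # (tag, is_hidden) for each open element
        self.hidden_depth = 0    # number of enclosing hidden elements
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hidden = bool(HIDDEN_STYLE.search(a.get("style") or ""))
        if tag not in VOID:
            self.stack.append((tag, hidden))
            if hidden:
                self.hidden_depth += 1
        href = a.get("href") or ""
        if tag == "a" and href and self.hidden_depth:
            host = urlparse(href).netloc.lower()
            self.findings.append({
                "href": href,
                "external": bool(host) and host != self.site_host,
            })

    def handle_endtag(self, tag):
        if tag in VOID:
            return
        # Pop back to the matching open tag, tolerating unclosed children
        # (spam injections are rarely well-formed HTML).
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                for _, hidden in self.stack[i:]:
                    if hidden:
                        self.hidden_depth -= 1
                del self.stack[i:]
                return


def find_hidden_links(html, site_host):
    """Return every link found inside a hidden element, with an external flag."""
    parser = HiddenLinkFinder(site_host)
    parser.feed(html)
    parser.close()
    return parser.findings


def external_hidden_links(html, site_host):
    """Only the hidden links that leave the site: the classic spam-injection signature."""
    return [f["href"] for f in find_hidden_links(html, site_host) if f["external"]]


# Constructed sample: a footer with one legitimate link and three hidden ones.
SAMPLE_FOOTER = """
<div id="footer">
  <p>Copyright 2010 Example Site</p>
  <a href="https://example.com/about">About us</a>
  <div style="display:none">
    <a href="http://spam-pharmacy.invalid/buy">cheap pills</a>
    <a href="http://casino-links.invalid/">online casino</a>
    <br>
  </div>
  <span style="position:absolute; left:-9999px"><a href="https://example.com/hidden">internal but hidden</a></span>
</div>
"""

if __name__ == "__main__":
    for f in find_hidden_links(SAMPLE_FOOTER, "example.com"):
        print(("EXTERNAL " if f["external"] else "internal ") + f["href"])
```

Run it over the HTML of a live page, or over the raw post_content of a post (for example the output of `wp post get <id> --field=post_content`, which shows what the database holds rather than what the editor renders), and review anything it reports; injected links are usually external and clustered at the end of the content.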
This prompted a review of WordPress security for our sites. Luckily the bulk of them had not been hacked and were running the latest WordPress. There were still a few security updates that made sense to do; these are discussed in the next post.