[Tigger]

Quote:

According to various reports, in the past few days a number of websites created using WordPress have been hacked. While the attack initially appeared to be limited to web sites hosted by American ISP DreamHost, it has since become apparent that blogs hosted at GoDaddy, Bluehost and Media Temple have also been affected. Unconfirmed reports by WPSecurityLock suggest that other PHP-based management systems, such as the Zen Cart eCommerce solution, have also been targeted.

Large-scale attack on WordPress - The H Security: News and Features

thankfully all my blogs are hosted on this side so not effected

[oceania]

wow isnt that just lovely - Tigger pass a bottle of red will ya

[Tigger]

with a problem like this you better open a case

[oceania]

as i dont drink and 1 drink makes me sleep - i think a case would be for all the partiers that come to laugh at me as i sleep thru the whole mess of it all

[Gaystoryman]

Quote:

Originally Posted by Tigger

Large-scale attack on WordPress - The H Security: News and Features

thankfully all my blogs are hosted on this side so not effected

Old news my friend, and it all comes down to one so called security guru claiming it.

While it may indeed be an attack on some PHP driven programs, the proof seems rather, well.... to be blunt, helter skelter. And it seems limited to two hosts only. At wordpress they nattered about it at the beginning of the month, again though created by the one security expert.

Fact is, it supposedly is a PHP exploit, that impacted some Joomla Sites, as well as also Wordpress.

Was it an attack on Wordpress? Myself I don't buy it, just like some SE Gurus make claims, that are false, so too do some security outfits. They do so, to sell their services imho

So worry, I wouldn't be. One thing that Wordpress does good, is keep its users informed of security bugs, and they have a large team who find the exploits, when reported, and work out a fix. NO FIX has been issued, other than from this one secuirty guru. So it makes you wonder.

REAL OR A MARKETING PLOY?

[gonzogone]

here's my problem with an announcement like this - it's specific to hosting setups rather than WordPress. It also mentions PHP and other CMSs. Right off the top, that indicates that it's not WP specific. As GSM said, it sounds more like a PHP exploit. I'd also throw in that since it's targeted at specific hosting, they may also have some security issues that are allowing somebody into the back end. If you let somebody into the server that shouldn't be there, they can immediately have elevated rights that will allow them access to code that they shouldn't have.

Still comes down to having a solid host that knows security and has active monitoring for intrusions detection. Keep up on your WP security updates and of course, keep your fingers crossed at all times.

[housekeeper]

DreamHost, GoDaddy, Bluehost and Media Temple

Bluehost doe's not allow adult content, who in their right mind would host on Godaddy. Not sure about Dreamhost, but certainly Media Temple doesn't sound like they would favor adult clients either...

[Tigger]

and make sure you back up - got mine auto backing up once a day "just" in case

[gonzogone]

Quote:

Originally Posted by Tigger

and make sure you back up - got mine auto backing up once a day "just" in case

[sexmaster29]

i allways backup my blogs;is the best way to keep them safe

[Tigger]

agree, but it amazes me the amount of people that never back up madness.

[KevinG]

On Friday I had a client with 2 WordPress sites on the same shared hosting account get hacked.

The default page (and every page) had an animated cartoon devil giving the finger and saying Hacked by so and so. Every index.php file in every directory had been changed.

It took most of the day to investigate, close the hole and restore from back ups.

I was concerned about some new vulnerability in WP that I hadn't heard of yet, and was worried about dozens of other WP sites of mine and other clients.

The interesting lesson learned in this specific case was that it wasn't WP at all.

The client that got hacked was on a shared account. The vulnerability was in a different site using Joomla.

I sighed in relief for my own sites since they are all on my own dedicated servers.

The link the host sent me to explain it, which I only scanned is:
ISS X-Force Database: ckforms-index-sql-injection(56988): CKForms component for Joomla! index.php SQL injection

[gonzogone]

hopefully people will learn from this example...

good to see you around Kevin!

[Bill Benson]

I had a site get hacked a couple of years ago. Every index page on the shared server got changed to some Saddam Husein thing in Arabic. Turned out one account on the shared server had a really weak password. They changed the password requirements.

Might be hosts out there today that will still let you use weak passwords. Something to consider when selecting a host.