Some dirty bastard!
- Started
- Last post
- 14 Responses
- boobs
Infected one of my Wordpress websites with malware! I had to learn about it from a friend! Took me hours to fix! Some people are just dirty, no good fuckers! No squeeze for them!
Anybody else ever get any of this malware bullshit out there on the internet?
- lukus_W0
Does that mean your site was blocked by web-browsers?
- boobs0
I don't know. I was able to see it OK. Who knows what other people saw, though?
- chivas0
I've had someone disguise a .php file as an image extension and execute malicious script on my server.
Fuckers.
- juhls0
Recently happened to another Wordpress site I visit.
- airey0
welcome to my fucking world. 5 sites now, all ones that i sub-host on mediatemple.
there's been 2 different ones on mine so i hope the following helps:
1: login and make sure the sites are updated to wp3.
2: check the users for new bullshit ones, all so far called johnny A and B. if you find no users login to the phpmyAdmin and look there although the invisible user thing didn't happen to me once it was upgraded to wp3.
3: one malware hack was an h5 injection so that there was a link added to the first h5 tag in one of the posts. a couple of posts that didn't use an h5 tag had one added. the link is to the malware site.
4: had a long string of bullshit code added to the function.php page
5: had a bullshit javascript link to a dodgy file added.
also:
hardening wp security:
http://codex.wordpress.org/Harde…a useful backup plugin (db, content, the lot):
http://www.webdesigncompany.net/…
http://wordpress.org/extend/plug…- H5?
http://www.itechnews…Miguex - <h5> tag ya fucking simpletonairey
- H5?
- airey0
also, a google tool that tells you of the malware status of the site:
http://www.googletutor.com/check…also, once this was fixed i used the google webmaster area where i have the google sitemaps setup to request a review of the malware security notice google tells the browser to warn users of. this was really useful anyway as the webmaster area gave me more specific info about some of the sites.
- nocomply0
Sad to say that a few wordpress sites on my gs-hosted MT account got hacked with the javascript injection thing. Made for a terrific start to my weekend.
MT claims it is not their fault, and I do pretty much believe them on that. I certainly do not know enough about hosting environments to make any kind of conclusion on my own.
The cleanup was relatively simple, but I had to do it to many different sites so it became tedious.
In my opinion, I don't think preventing hacks is 100% possible, so I try to make sure to keep both my files and my database backed up regularly. That way when the shit hits the fan, I don't go into complete panic mode.
And Airey - as for that backup plugin you listed... I used to use that one until recently when I noticed that the automated backups stopped working. I think it has something to do with the newer version of wordpress.
But just today I found at new one at http://wordpress.org/extend/plug… and tested it out and it looks to be good.
Hope this helps some of you guys out there.
- lukus_W0
Remember, if you include javascript from a central CDN or external site - the problem could be related to the hosting of that particular file (and not your own specific hosting).
- boobs0
Thanks, Hombre! Have a wee squeeze!
- acescence0
a few things I do with every wp install:
-install wp into a random directory, not on the root of the domain (the site itself can still live on the root)
-change the default admin account
-prevent direct access to files and directories via htaccess.
-use htaccess/htpasswd to password-protect the admin directory.
-remove the wp generator and version to mask the fact that you're using wp
-set up a cron job to automatically back up everything on a regular basis
- airey0
more info:
http://perishablepress.com/press…
- oddslob0
Should be included in the default installation:
http://wordpress.org/extend/plug…
- airey0
also, mediatemple put me on to these peeps that sorted a major issue. i've now paid for an account which lets you use the 'scanner' to check for malware. cleaned 5 sites this arvo using it. i tried a bunch of others that all gave it them a clean bill of health yet were blacklisted by google.
can say i'm happy with the service and tools on offer. obviously i'm a simpleton but there may be other simpletons.