News

Empowerment of knowledge by strategic team efforts.

Security Threat: WordPress Under Attack

Sep 08, 2009

We’re hearing of numerous reports that older versions of WordPress are exposed to security threats. WordPress is one of the largest blogging engines with over 5,317,360 – and counting – downloads for their latest version, 2.8. Many large blogs, including TechCrunch, rely on WordPress to get the news out and post content online.

Writes Lorelle on her WordPress-centric blog:

There are two clues that your WordPress site has been attacked:

First, there are strange additions to permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize.

To prevent this attack, if you have not done so already, update your WordPress install immediately to the latest version. Change all your passwords to a strong password (cough), including WordPress blog access for all users, database, FTP, control panels, etc. These are all highly recommended procedures.

Automattic, WordPress’ parent company, hasn’t commented on this issue, but we’ll keep everyone updated. In the meantime, we urge you to update your WordPress blog immediately.

Request a Proposal Call 866-975-2832

Name

Phone

Email

Comments

Verify Image Verify Image

 



If you are willing to excel, passionate about growth, believe in yourself, or are an avid learner that doesn't want to stop progressing, you may qualify for what we call 'The PROTON Way.' It's Amazing What You Can Do Here! Join our growing team. Define your own way of work!

Learn More




 

Industry News

July 22, 2010 - Google is to announce a major melioration of its image search at a press conference to be...
Read More

Recent Case Studies