WordPress Exploit and Dreamhost
Added: http://trac.wordpress.org/changeset/5570 (not a patch but a fix)
If you are running the last unpatched WordPress 2.2, there is a problem in the XML-RPC module: anyone with a valid username and password can use an SQL injection exploit. The common usage has been adding hidden links into the template once control of your blog has been lost to the bad guys.
Also, Dreamhost leaked 3500 FTP usernames and passwords, so if you run WP or are hosted on Dreamhost:
a) Check your source code for hidden links that aren't yours
b) Check the .htaccess file for any odd entries, like a 301 to the bad guys' site on your ranking pages
c) Check your robots.txt… yes, some idiots think it's funny to hack your server and block all spiders!!
d) Check for proxy scripts that may have been installed on your server
DaveN
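A read-only audit sketch for checks (a) to (c) in the list above, added here as an example and not part of the original post. The function names, the `own_domain` parameter and the sample inputs are assumptions constructed for illustration; check (d) is not covered.

```python
import re
from urllib.parse import urlparse

# Inline styles commonly used to hide injected links from human visitors.
HIDE = r"display\s*:\s*none|visibility\s*:\s*hidden|(?:left|top|text-indent)\s*:\s*-\d{3,}"
HIDDEN_BLOCK = re.compile(
    r"<(div|span|p)\b[^>]*style\s*=\s*[\"'][^\"']*(?:" + HIDE + r")[^\"']*[\"'][^>]*>(.*?)</\1>",
    re.I | re.S)
HREF = re.compile(r"href\s*=\s*[\"'](https?://[^\"']+)", re.I)

def is_external(url, own_domain):
    host = (urlparse(url).hostname or "").lower()
    return host != own_domain and not host.endswith("." + own_domain)

def hidden_links(html, own_domain):
    """(a) External links inside elements styled to be invisible."""
    return [u for m in HIDDEN_BLOCK.finditer(html)
            for u in HREF.findall(m.group(2)) if is_external(u, own_domain)]

def htaccess_redirects(text, own_domain):
    """(b) Redirect*/RewriteRule lines whose target is another host."""
    hits = []
    for line in map(str.strip, text.splitlines()):
        if re.match(r"(Redirect\w*|RewriteRule)\b", line, re.I) and any(
                is_external(u, own_domain) for u in re.findall(r"https?://[^\s\"']+", line)):
            hits.append(line)
    return hits

def robots_blocks_all(text):
    """(c) True if a 'User-agent: *' group contains 'Disallow: /'."""
    agents, in_rules = [], False
    for line in text.splitlines():
        key, _, val = line.split("#", 1)[0].partition(":")
        key, val = key.strip().lower(), val.strip()
        if key == "user-agent":
            if in_rules:            # a new group starts after rule lines
                agents, in_rules = [], False
            agents.append(val)
        elif key in ("allow", "disallow"):
            in_rules = True
            if key == "disallow" and val == "/" and "*" in agents:
                return True
    return False

# Constructed sample inputs (not taken from any real site).
TEMPLATE = ('<div id="footer"><a href="http://myblog.example/about">About</a></div>'
            '<div style="display:none"><a href="http://pills.example/buy">x</a></div>')
HTACCESS = "RewriteEngine On\nRedirect 301 /top-page.html http://pills.example/landing\n"
ROBOTS = "User-agent: *\nDisallow: /\n"
```

Run the functions over the rendered page source, the site's `.htaccess` and its `robots.txt`; anything returned is a lead to review by hand, not proof of compromise.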





Adam 2174 days ago
http://www.conversion-matters.co.uk
What's the deal with this? Is there a new version of WordPress that fixes the exploit, or does it only affect versions prior to 2.2?
gabs 2174 days ago
http://www.seohome.co.uk
It's hit loads of people: http://mezzoblue.com/archives/2007/06/05/unsettling/
Steve Johnson 2174 days ago
http://www.supload.com
This is why I only use http://www.made2own.com for all of my hosting needs. Made2Own takes security very seriously, and their support is incredible. You guys should definitely give them a look.
Bill 2173 days ago
http://www.billhartzer.com
Thanks for mentioning this. I'll definitely take a look at all of my WP installations.
Mylo 1936 days ago
http://www.webdiro.com
Thanks for this useful article, it will help me on my WP installations.