Cleaning Up from Wordpress Hack
July 8th, 2008
Let me preface this post by saying that I really, really like Wordpress …
However, I’ve been cleaning up a mess that injected spam into my blog for a while now. The hacks consisted of two types:
- Comments that injected spam links
- Hacked template files that imported scripts with spam links
If you use Wordpress, make sure you take a close look at your source code. Better yet, lock down the permissions on all your template files. This will not allow you to use the online theme editor that Wordpress provides, but for most of us, it’s an acceptable trade-off.
I don’t understand the cause of the security breach, but have been more diligent ever since about updating to the newest version of Wordpress whenever it’s released. I’d suggest all bloggers do the same. We’ve got to stop the spam.
Some links for more info:
- Expunging the wordpress.net.in spam injection hijack
- Hacked! Never let your theme files writable!
- Wordpress Spam Injection: ‘Goro’ hacked my blog
Entry Filed under: Signposts, WordPress
Bookmark This:
1 Comment Add your own
1. Bookmarks about Css&hellip | August 1st, 2008 at 7:30 pm
[...] - bookmarked by 1 members originally found by dcasimiro on July 17, 2008 Cleaning Up from Wordpress Hack http://blog.designdelineations.com/2008/07/08/cleaning-up-from-wordpress-hack/ - bookmarked by 1 [...]
Leave a Comment
Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
Trackback this post | Subscribe to the comments via RSS Feed