[TriLUG] OT: Wordpress Hack
Mark Turner
jmarkturner at gmail.com
Thu Jun 4 15:07:41 EDT 2009
Tarus Balog wrote:
> I maintain a number of Wordpress blogs. Today I noticed an RSS update on
> a very old page, and when I looked at it, hidden in the code was:
A number of my blogs were recently compromised. Same story: WP 2.7.1. I
think it was an XMLRPC attack:
http://www.markturner.net/2009/05/27/mt-net-recovers-from-another-hack/
I would suggest you get up with the WP security team and give them the
scoop: security at wordpress.com.
I also applied the SABRE plugin to block Russian bots from creating
accounts. I highly recommend it.
I also found this page helpful:
http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/
Cheers,
Mark
--
Mark Turner
www.markturner.net
More information about the TriLUG
mailing list