Hacked Sites


Author Message
speedyp

Posted: 4/22/2013
Quote message 

Bummer :-O

Hope they didn't do any damage.
Wordfence can check core files against the repository.

Thanks for the info & stay safe
 
wut

Posted: 4/22/2013
Quote message 

If your client's WP installations are getting hacked, it's your fault. Take the initiative to lock them down and educate your clients.
 
Abland

Posted: 4/22/2013
Quote message 

Quote SiliconANGLE:
once your site is hacked (and the server it’s hosted on becomes compromised), it can then be used to infiltrate other sites.

http://siliconangle.com/blog/2013/04/15/how-to-sidestep-the-wordpress-botnet-hack/

On any type of shared hosting it's not just your wordpress site - it's also your neighbouring sites that can cause risk.

lol -
Quote me:
but sometimes the most careful precautions can still fail

 
Tom

Posted: 5/3/2013
Quote message 

1. Update WordPress, plugins and themes.
2. Lock down WordPress.
3. Secure your PC from malware.
4. Use strong passwords and never store them on your PC.
5. See #1

:-)
 
Kizza42

Posted: 5/4/2013
Quote message 

Just FYI Guys, I had some older sites infected and the attack vector was older Artisteer generated themes. Remember to re generate your themes with newer versions of Artisteer and don't leave older version of the themes installed.
 
Abland

Posted: 5/8/2013
Quote message 

Hi, speedyp,

Quote speedyp:
Do you have more info, specifically which files in artisteer 3 were open to attack and then removed or secured in V4??


I found version 3.x themes were getting code injected into the functions.php at the very top of the file. I'm looking to see if there's a way to protect existing themes.