WordPress Blogs Attack And Hack
Free Online Articles Directory
Why Submit Articles?
Top Authors
Top Articles
FAQ
AB Answers
Publish Article
0 && $. browser. msie ) {
var ie_version = parseInt($. browser. version);
if(ie_version Hello Guest
Login
Login via
Register
Hello
My Home
Sign Out
Email
Password
Remember me?
Lost Password?
Home Page > Internet > WordPress Blogs Attack And Hack
WordPress Blogs Attack And Hack
Edit Article |
Posted: Jul 21, 2009 |Comments: 0
| Views: 1,200 |
Share
]]>
WordPress bloggers beware because you can be attacked and hacked due to vulnerabilities in the WordPress platform. This article covers what’s happening and then gives you 12 ways to avoid it from happening to you.
That’s right my friends WordPress blogs are being attacked, hacked and redirected to other websites without the owners of the blogs being aware. Sounds scary doesn’t it? Imagine if you had a blog or website earning you hundreds of dollars daily!
Let me back up for a moment for those that aren’t in the know:
It all started for me on June 11, 2009 when I received a desperate call from one of my friends that runs a very successful, well-known and profitable wordpress blog.
They were almost in tears because the wordpress attack and hacker used a loophole in their self hosted blogging platform to accomplish two tasks:
1) Re-direct the traffic away from his wordpress blog to another website that was full of links to different affiliate products
2) Replaced all of his static websites using Iframe redirection to ED drugs and other pharmacy type websites.
How did the blog owner find out? One of their readers clicked on a link in the blog to read a post they were interested in and they were taken to an affiliate website that had nothing to do with the topics being discussed on the blog.
Thinking it was just an error they tried again and was taken to a completely different website than they were directed to the first time. That sent up red flags for the reader and they contacted the owners of the blog.
The really sad part is that by the time the owners of the blog were able to correct the wordpress attack and hack they had lost approximately $700 in sale that day alone. What’s worse is that here we are exactly a week later and they are still working on repairing the damage done to their static websites.
What can you do to protect you name, brand, reputation, revenue and WordPress blog from being attacked and hacked?
1. Secure Your WordPress Database -
Create a database for WordPress. WP uses only a few tables but creating a whole database just for the blog is more likely to limit its access.
Create and grant limited access to a database user. Create a user to access this database only and grant limited access to SQL commands in the database (select, insert, delete, update, create, drop and alter).
Pick a strong database password. Make it as random as possible since you don’t have to remember it.
2. Populate wp-config. php Properly – Use WordPress secret key generation tool to generate random WordPress cookies. These keys are used to insure better encryption of information stored in WordPress user’s cookies.
You also want to modify the WordPress table prefix to something other than wp_ by adding random characters and numbers to the end of wp, such as wp64mlm_manual.
3. Replace the Default “admin” Username – Fantastico users are able to pick admin user and password as part of the installation process. Replace the default so that “admin” user name is now myadm instead of admin.
4. Pick Secure WordPress Password for “Admin” – Your password should combine uppercase and lowercase characters and include numbers.
5. Use Secure Login via Encrypted Channel – WordPress bloggers who have SSL enabled for their domain should use that encrypted channel to access their WordPress Dashboard. You can force admin sessions over HTTPS by setting the FORCE_SSL_ADMIN variable in wp-config. php file to TRUE.
6. Upgrade as New Version Becomes Available – WordPress bloggers should upgrade once newer versions are issued because the upgrades address know security vulnerability issues.
7. Update Word Press Plug-in’s – It only makes sense to do so once you upgrade to a newer version of WP.
8. Backup Your Database and Files – Install a plug-in or use cronjob to create backups of your wordpress blog database and files on a regular basis.
9. Disable Directory Browsing – By default in most hosting, indexes of directories are shown in web browsers revealing any content of a directory that has no index. html or index. php. You can modify this behavior with Apache by adding a line of code into the . htaccess file in the root directory.
10. Protect WordPress Administration Files – WordPress administration files reside in wp-admin directory of your WordPress blog. You may use . htaccess to restrict access or allow only specific IP addresses to enter this directory and file. You may also allow access from a range of IPs by way of mod_access.
11. Restrict File Access to wp-content Directory – The wp-content directory contains your theme files, uploaded images and plug-ins. WordPress blogs don’t access the . PHP files in the plug-ins and themes directories via HTTP. Restrict wp-content by way of . htaccess so only the following files can be accessed image files, javascripts, and CSS preventing people from accessing any other files directly.
12. Hide The WordPress Version in the Header Tag.
These practices are nothing new and WordPress has been telling their self hosted bloggers that they should be implementing these tactics since day one.
Now the wordpress attack and hack is in full effect and millions of bloggers are going to wake up one day and find that all their hard work, efforts and revenue is gone.
I beg all WordPress users to take emergency steps to protect themselves starting today! While I have listed what can be done in this article there is so much more that wasn’t covered so I highly recommend that you take the time to research the resource I will mention in my bio below because it is how my friend and I are now protecting ourselves from the WordPress attack and hack.
Retrieved from “http://www. articlesbase. com/internet-articles/wordpress-blogs-attack-and-hack-1057157. html”
(ArticlesBase SC #1057157)
Liked this article? Click here to publish it on your website or blog, it’s free and easy!
Paul Hackett -
About the Author:
Paul G. Hackett A. K. A The Medical Billing and Transcription Mastermind and religious blogger uses http://budurl. com/wordpresslockdown to protect his blogs and revenue generating website http://medicalbillingbooks. tripod. com
]]>
Questions and Answers
Ask our experts your Internet related questions here. . . 200 Characters left
Who is subscribed to my wordpress blog ?
Rate this Article
1
2
3
4
5
vote(s)
1 vote(s)
Feedback
RSS
Print
Email
Re-Publish
Source: http://www. articlesbase. com/internet-articles/wordpress-blogs-attack-and-hack-1057157. html
Article Tags:
wordpress attack, wordpress hack, wordpress blogs, wordpress, attacks, hacks
Related Videos
Related Articles
Latest Internet Articles
More from Paul Hackett
Buffer overflow attacks explained with beer!
Segment from Hak5 1×04 – Buffer overflow attacks explained with beer! Enjoy! (05:31)
WordPress Blog Themes Tutorial
Learn how to Control the Look of a WordPress Blog Using Themes.
This video shows you how to use Templates to control the Look and Feel of a WordPress blog. There is a complete tutorial on VitaminCM. com. (04:33)
How to Submit and Publish Your 1st WordPress Post
How to Submit and Publish Your first WordPress Post. This “How to” Help Tutorial Video shows you how easy and quick it is to publish your very first post on your self hosted WordPress Blog. You’ll be amazed how easy it is! (07:06)
How to Move Blog from Blogger to WordPress
Learn how to move your blog from blogger to WordPress without losing your Google PageRank and RSS subscribers (02:48)
How to Set Up Permalinks in WordPress
How to Set Up Permalinks in WordPress, this WordPress Help Tutorial Video shows you how to make a small change that will make it much easier for Google to find you posts and pages. This 2 minute tip trick will do wonders (05:23)
Worm Attack Targets Unpatched And Older WordPress Versions
According to the WordPress Blog, this worm is a clever one: “Iit registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts. ”
By:
Ana Nevadal
Internet>
Web Designl
Jan 28, 2010
WordPress Security – How to Protect Your WordPress Installation From Hackers
There are some simple steps that you can take to protect every WordPress installation you set up. But why worry about security?
This is why:
I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced
By:
wilcoxen winekl
Internet>
Internet Marketingl
Dec 01, 2010
WordPress Security – Make Sure Your Blog is Secure!
WordPress is one of the most popular blogging software applications that is currently being used for blogs and also as a content management system for websites. Just like any other software, with popularity comes troublesome security issues as people try to hack the program and cause problems for the users.
By:
Cecil Flynnl
Internet>
Bloggingl
Jul 25, 2010
How to Detect and Prevent a WordPress Spam Injection Attack
Last month my WordPress blog was the victim of a spam injection attack and my entire corporate website was removed from Google SERPS. Recovering from a WordPress Spam Injection attack is not fun, but you can regain your Google Search Results after being hacked by a spam injection attack.
By:
Chris Londonl
Internet>
Web Designl
Oct 02, 2009
Hack Attack: Just How Secure is Your WordPress Blog?
The growth in popularity and income potential of blogs have made them targets of computer hackers. WordPress Blogs have become prime targets due to security flaws. The impact of hackers can be a disaster for a blog but the solution to building a strong defense is easy.
By:
James Steinl
Business>
Online Businessl
Nov 02, 2008
lViews: 395
WordPress Guides To Get The Ultimate Security For Your Blog
You have set up your WordPress blog and you want to ensure that it is full proof from hackers. What you need is a security lock that cannot be broken or accessed into by any means.
By:
Chuck Starrl
Internet>
Bloggingl
Jan 09, 2010
How To Prevent a WordPress Disaster
You’ve probably heard it a million times – you NEED to backup your data or you risk losing it all forever. This is no less important when you are using WordPress. In fact, it may be more important given that open-source applications like WordPress are more susceptible to hacker attacks. I can tell you from personal experience how important it really is. Learn in this article how to avoid losing your entire WordPress site and content.
By:
Philip Lightl
Computersl
May 17, 2010
Mananged Webhosting Versus Unmanaged Hosting Solutions
Choosing between managed and un-managed hosting can be a tricky job. So here is some advice on how to make your decision the right one for your server hosting requirement.
By:
Dirik Hameedl
Internetl
Jan 07, 2011
Make Money From Home With Amazon
If you are to search for products online, you will come up with Amazon. com. Basically, this site is where people sell their products. But, do you know that you can make money from home with Amazon?
By:
Paul Jessel
Internetl
Jan 07, 2011
Do You Want More Visitors – Traffic For Your Squidoo Lenses
I am a squidoo lensmaster and like many I am always searching for new ways to generate traffic/visitors to my squidoo lenses . . . . . . . Are you as well? Like many people I work hard on creating unique lenses (single webpages), with interesting original content, I always make sure a lens looks great and easy to navigate.
By:
mr dmsl
Internetl
Jan 07, 2011
Why San Diego Companies Need A SEO Consultant
The primary question any business owner should be asking is, “How will a consultant for San Diego SEO benefit my business?” Search Engine Optimization is an investment in exposure for your business, product, or ideas.
By:
William Hauselbergl
Internetl
Jan 07, 2011
Second Business – Finding Traffic And Money
Building website traffic is easily one of the most important factors in creating a successful second business and making money online. However, web traffic building methods often have to be implemented in the very early stages of website creation.
By:
Joe Stewartl
Internetl
Jan 07, 2011
Why San Francisco Companies need an SEO Consultant
The internet offers a great deal of opportunities to small businesses that are ready to embrace the changes that come with it. While some may fear that it is the realm of massive businesses that they cannot compete with, just the opposite is true in many cases.
By:
William Hauselbergl
Internetl
Jan 07, 2011
Want To Know How To Make Money On A Website?
When you understand that every website visitor who comes to your site is going to leave you will want to monetize it in various ways. Here are 8 ideas on how to make money on a website in no particular order of preference.
By:
Cynthia Minnaarl
Internetl
Jan 07, 2011
What Are Paid Cell Phone Lookup Websites?
So what is the biggest selling point of these paid reverse cell phone lookup sites? These website also offer a good deal through a 60 day money back guarantee, if total satisfaction is not achieved. You get a full refund!
By:
Janelle Elizabethl
Internetl
Jan 07, 2011
WordPress Blogs Attack And Hack
WordPress bloggers beware because you can be attacked and hacked due to vulnerabilities in the WordPress platform. This article covers what’s happening and then gives you 12 ways to avoid it from happening to you. That’s right my friends WordPress blogs are being attacked, hacked and redirected to other websites without. . .
By:
Paul Hackettl
Internetl
Jul 21, 2009
lViews: 1,200
Add new Comment
Your Name: *
Your Email:
Comment Body: *
Verification code:*
* Required fields
Submit
Your Articles Here
It’s Free and easy
Sign Up Today
Author Navigation
My Home
Publish Article
View/Edit Articles
View/Edit Q&A
Edit your Account
Manage Authors
Statistics Page
Personal RSS Builder
My Home
Edit your Account
Update Profile
View/Edit Q&A
Publish Article
Author Box
Paul Hackett has 1 articles online
Contact Author
Subscribe to RSS
Print article
Send to friend
Re-Publish article
Articles Categories
All Categories
Advertising
Arts & Entertainment
Automotive
Beauty
Business
Careers
Computers
Education
Finance
Food and Beverage
Health
Hobbies
Home and Family
Home Improvement
Internet
Law
Marketing
News and Society
Relationships
Self Improvement
Shopping
Spirituality
Sports and Fitness
Technology
Travel
Writing
Internet
Affiliate Programs
Audio
Blogging
Domain Names
ECommerce
Email
Forums
Internet Marketing
Link Popularity
Newsletters
RSS
SEM
SEO
SMO
Spam
Video
Web Design
Web Hosting
]]>
Need Help?
Contact Us
FAQ
Submit Articles
Editorial Guidelines
Blog
Site Links
Recent Articles
Top Authors
Top Articles
Find Articles
Site Map
Webmasters
RSS Builder
RSS
Link to Us
Business Info
Advertising
Use of this web site constitutes acceptance of the Terms Of Use and Privacy Policy | User published content is licensed under a Creative Commons License.
Copyright © 2005-2011 Free Articles by ArticlesBase. com, All rights reserved.
WordPress Crash Course
Learn WordPress in less than Two hours. Our crash course features high definition video captures that teach you all the basics of using the WordPress platform.
