Wordpress Hackers

[Admin]

A lot of my Wordpress sites are getting multiple attempts to access:
http://www.DOMAIN/wp-plugins/config/index.php

all only from "dodgy" countries.

I guess they are looking to see if there is an index file there or if they can upload their own plugin.

I'm using Wordfence to see this and .htaccess to block it.

Wordfence really is an awesome (free) tool, you get a great idea of what these people are attempting on your WP sites.

Admin

 

[retired_member36]

Thanks for the heads up,

I cant stress enough how important it is to make sure all your wordpress versions and plugins are up to date! Earlier this week HEART shut one of my sites down, due to malicious activity! It was a site that I havnt checked in ages, so almost everything needed updating! I also didn't have any security on it.

The hackers gained access through a plugin (All in one events calendar, to be specific) and were able to place some dodgy code into my wordpress pages.

Thankfully I had clean copies of everything

 

[Admin]

There is an automatic updater PI that does Wordpress and plug in updates automatically, then (optionally) sends you are email to confirm. It's free

I use this on all my sites, save hours (or they don't get done at all as in your case).

I just upgraded one site to Wordfence paid version, live traffic view is interesting.

Admin

 

[retired_member36]

There is an automatic updater PI that does Wordpress and plug in updates automatically

Fantastic, ill get that installed to make life easier.

 

[scooter]

If your files do get infected with a java injection and you do not have an up to date backup, I can recommend this site:
http://sucuri.net/

Did 3 shopping cart sites for me (not wordpress). Give them your ftp info before going to bed and all done by the time you get up.





.

 

[mdrussell]

Something we've noticed in recent months is that lots of hackers will sniff unsecured wifi networks looking for WordPress admin logins. They'll then use this to their advantage.

So please enforce https:// access to /wp-admin/ and always use this when connecting from Starbucks/McDonalds/unsecured wifi network

Matt

 

[diablo]

Wordpress 3.7 introduced automatic maintenance and security updates

http://wordpress.org/news/2013/10/basie/

 

[murph]

Something we've noticed in recent months is that lots of hackers will sniff unsecured wifi networks looking for WordPress admin logins. They'll then use this to their advantage. So please enforce https:// access to /wp-admin/ and always use this when connecting from Starbucks/McDonalds/unsecured wifi network Matt

Scary stuff! When you think about how much stuff is done on mobis while out n about these days... Gmail passwords etc...