WordPress Hackers

Admin

A lot of my WordPress sites are getting multiple attempts to access:
http://www.DOMAIN/wp-plugins/config/index.php

all only from "dodgy" countries.

I guess they are looking to see if there is an index file there or if they can upload their own plugin.

I'm using Wordfence to see this and .htaccess to block it.

Wordfence really is an awesome (free) tool, you get a great idea of what these people are attempting on your WP sites.

Admin
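
One way to pull these probes out of a web server access log, added here as an example and not part of the original post. The combined log format, the sample lines and the function name `find_probes` are assumptions; only the probed path comes from the post above.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Path reported in the post above; everything else here is assumed for illustration.
PROBE_PATH = "/wp-plugins/config/index.php"

# Apache/Nginx "combined" format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines using documentation-range IPs, not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Mar/2015:10:01:11 +0000] "GET /wp-plugins/config/index.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.7 - - [02/Mar/2015:10:01:12 +0000] "POST /wp-plugins/config/index.php?x=1 HTTP/1.1" 404 512 "-" "Mozilla/5.0"
198.51.100.23 - - [02/Mar/2015:10:02:40 +0000] "GET /WP-Plugins//config/index.php HTTP/1.1" 200 1843 "-" "curl/7.38"
192.0.2.50 - - [02/Mar/2015:10:03:05 +0000] "GET /wp-admin/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"
garbage line that does not parse
"""


def find_probes(log_text, probe_path=PROBE_PATH):
    """Return (hits per client IP, list of probes the server answered with 2xx)."""
    hits = Counter()
    served = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        # Normalise the request target: drop the query string, decode %xx,
        # collapse repeated slashes and ignore case so variants still match.
        path = unquote(m["target"].split("?", 1)[0])
        path = re.sub(r"/+", "/", path).lower()
        if path != probe_path:
            continue
        hits[m["ip"]] += 1
        # A 2xx answer means a file really exists at the probed path.
        if m["status"].startswith("2"):
            served.append((m["ip"], m["time"], m["status"]))
    return hits, served


if __name__ == "__main__":
    hits, served = find_probes(SAMPLE_LOG)
    for ip, count in hits.most_common():
        print(f"{ip}: {count} probe(s)")
    for ip, when, status in served:
        print(f"CHECK SITE: {ip} got {status} at {when}")
```

Any entry in the second list is the one to act on first: the server returned content for a path that a clean WordPress install does not have.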
 
Thanks for the heads up,

I can't stress enough how important it is to make sure all your WordPress versions and plugins are up to date! Earlier this week HEART shut one of my sites down, due to malicious activity! It was a site that I haven't checked in ages, so almost everything needed updating! I also didn't have any security on it.

The hackers gained access through a plugin (All in one events calendar, to be specific) and were able to place some dodgy code into my WordPress pages.

Thankfully I had clean copies of everything :)
 
There is an automatic updater PI that does WordPress and plugin updates automatically, then (optionally) sends you an email to confirm. It's free.

I use this on all my sites, saves hours (or they don't get done at all as in your case).

I just upgraded one site to Wordfence paid version, live traffic view is interesting.

Admin
 
If your files do get infected with a java injection and you do not have an up to date backup, I can recommend this site:
http://sucuri.net/

Did 3 shopping cart sites for me (not WordPress). Give them your FTP info before going to bed and all done by the time you get up.





.
 
Something we've noticed in recent months is that lots of hackers will sniff unsecured wifi networks looking for WordPress admin logins. They'll then use this to their advantage.

So please enforce https:// access to /wp-admin/ and always use this when connecting from Starbucks/McDonalds/unsecured wifi network.

Matt
 
Something we've noticed in recent months is that lots of hackers will sniff unsecured wifi networks looking for WordPress admin logins. They'll then use this to their advantage. So please enforce https:// access to /wp-admin/ and always use this when connecting from Starbucks/McDonalds/unsecured wifi network Matt

Scary stuff! When you think about how much stuff is done on mobis while out n about these days... Gmail passwords etc...
 