MASSEY

I had some hacked that had been on the old wordpress and with plugins in need of update for around 2 months. It is important as soon as you see the update options to do it there and then. Luckily my hacks were not that bad, just a page added to the site with the guys hacker name.

Blossom

Would recommend installing the Ultimate Security and Bulletproof Security plugins along with Block Bad Queries.

__________________
Jenni | Blossom | Video Tutorials

@blossomnu (tell me you're from Acorn & I'll add you back!)

murph

Agreed. I take the stance: stay away from very common public scripts as these are regularly targeted for malware hacking etc. Also, forever having to apply security patches and updates is a constant headache avoided if you roll your own

stender

I've got loads of mentions of base64_decode in one of my plugins w3-total-cache I assume these aren't malicious?

dashu1

Hard to tell, some plugins do have it in - have you got a load of code at the top of your other php files?

It's obviously imperative to keep all plugins and wordpress installs up to scratch, which can be a big headache if you have lots of sites - so I guess the answer is that if you're going to have lots of sites - don't have lots of CMS sites.

With regards to bulletproof security - I did have a very hardened htaccess file on some of these that was practically the code from BPS with a few extra bits thrown in, and they still got hacked.

I think if you have vulnerable files that no security plugin will help - like having the best car alarm & security on the market but leaving the car unlocked and the keys in the ignition.

Anyway, I hope no one else has had problems, it's supposedly an organised crime gang thats doing this to upload trojans and the fake antivirus software, you know the kind of stuff.

Brassneck

If you do have lots of sites then you might want to check out www.managewp.com. It's pricey but makes managing updates of everything real easy and quick.

I've got 400 wordpress installations being managed on it.

Cheers
Stephen.

__________________
XEC Internet Domain Name Services Cheap Hotel Finder Top Christmas Toys Sussex Parenting Tips Haslemere

ProDomains

I keep getting errors malware/virus notifications like this:

# Regular expression match = [decode regex: 1]:

Where several Header, Footer and other .php files seem to infected

# (compressed file: plupload.silverlight.dll) MS Windows Binary/Executable [application/x-winexec]:

Something about something being wrong with a Silverlight file?

# ClamAV detected virus = [PHP.Shell-51]:

bit-64 encryption?

Anyone familiar with this and now how to solve it?

JMOT

One of my sites just got hacked and its being cleaned up and sorted out for me right now.

Luckily I'd already signed up for Sucuri heres my link

Its well worth the money!!

dashu1

Another useful plugin is the exploit scanner.

In it's control panel it gives you the checksum for your wordpress core files, and on their homepage the checksum for WP-whatever version is the latest

So you can see if any core wordpress files have been altered. Even changing a letter from a capital to a lower case would give a totally different string, so you can see quickly and easily whether or not your core files have been fiddled with.

steww

Just a note to watch out, I installed a plug named "Ultimate Security Checker" to toughen up a wordpress install, about a week later the site had malware, have just cleaned the site and found (I think) that the security plugin contained malware (or at least became infected), here is the clean up report:

"Site is now clean and malware-free. The following files were compromised and fixed:

CLEARED: Cleared malware from file: ./wp-content/plugins/ultimate-security-checker/securitycheck.class.php"

Hope that helps!

Cheers