Wordpress users please read

Paullas · Sep 6, 2009

WordPress › Blog How to Keep WordPress Secure

Skinner · Sep 6, 2009

If you have 2.8.4 your clear, and you can check if your clean by looking at the permalinks menu if anything funky has happened.

Specifically look for eval and base64_decode in there, which is the method of injection.

You can also look for a consealed admin too, you will probably need to disable javascript to tell, so firefox or opera are your friend.

If your infected, its going to be a long long night, as its infection has spread into the database, so upgrading WONT fix it.

**edited now I'm on my PC**

Systreg · Sep 6, 2009

Another link about this that someone posted on twitter earlier: Old WordPress Versions Under Attack Lorelle on WordPress

Alien · Sep 6, 2009

Thanks for the heads up; only got one site on WP, which I've now updated to latest version (I just love the auto update feature via FTP in the Control Panel, so easy!).

bensd · Sep 6, 2009

Alien said:
Thanks for the heads up; only got one site on WP, which I've now updated to latest version (I just love the auto update feature via FTP in the Control Panel, so easy!).

It is much better, you can also now browse and upload new themes through the control panel.

WARNING - IF YOU HAVE AMENDED ONE OF THE DEFAULT TEMPLATES.
If you have amended one of the deafult templates this will be overwritten when you do an auto upgrade.

Wordpress users please read

Paullas

Skinner

Systreg

Alien

bensd

Similar threads

Rule #1: Be Respectful

Members online

Premium Members

Latest Comments

Upcoming events

New Threads

Domain Forum Friends

Lastest Listings

Our Mods' Businesses

Settings Notifications

Options

We value your privacy