easyhosting Posted April 12, 2013

As I write this post, there is an on going and highly distributed, global attack on wordpress installations to crack open admin accounts and inject various malicious scripts.

To give you a little history, we recently heard from a major law enforcement agency about a massive attack on US financial institutions originating from our servers. We did a detailed analysis of the attack pattern and found out that most of the attack was originating from CMSs (mostly wordpress). Further analysis revealed that the admin accounts had been compromised (in one form or the other) and malicious scripts were uploaded into the directories.

Today, this attack is happening at a global level and wordpress instances across hosting providers are being targeted. Since the attack is highly distributed in nature (most of the IPs used are spoofed), it is making it difficult for us to block all malicious data.

To ensure that your Wordpress websites are secure and safeguarded from this attack, we recommend the following steps:

- Update and upgrade your wordpress installation and all installed plugins
- Install the security plugin listed here
- Ensure that your admin password is secure and preferably randomly generated
- Other ways of Hardening a WordPress installation are shared at http://codex.wordpress.org/Hardening_WordPress

These additional steps can be taken to further secure wordpress websites:

- Disable DROP command for the DB_USER. This is never commonly needed for any purpose in a wordpress setup
- Remove README and license files (important) since this exposes version information
- Move wp-config.php to one directory level up, and change its permission to 400
- Prevent world reading of the htaccess file
- Restrict access to wp-admin only to specific IPs
- A few more plugins – wp-security-scan, wordpress-firewall, ms-user-management, wp-maintenance-mode, ultimate-security-scanner, wordfence, http://wordpress.org/extend/plugins/better-wp-security/. These may help in several occasions

Also, we recommend using Cloudflare, which is available free, to prevent the attack from affecting the functionality of your site.

This comes from 2 sources:
http://blog.resellerclub.com/2013/04/12/global-attack-on-wordpress-sites/
http://blog.cloudflare.com/patching-the-internet-fixing-the-wordpress-br

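Added example, not part of the original post or its sources: a shell check for the file-level steps listed above (README and license files, wp-config.php location and mode 400, .htaccess readability). The `public_html` layout, the function names and the finding labels are assumptions, and the sample tree is constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a WordPress docroot
# against the file-level hardening steps listed in the post.

# Octal mode of a file: GNU stat first, BSD stat as fallback.
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_wp DOCROOT: print one finding per line; print nothing if clean.
audit_wp() {
    root=$1
    # README and license files expose version information.
    for f in readme.html license.txt; do
        if [ -e "$root/$f" ]; then echo "REMOVE $f"; fi
    done
    # wp-config.php belongs one level above the docroot with mode 400.
    if [ -e "$root/wp-config.php" ]; then
        echo "MOVE wp-config.php one directory up"
        cfg="$root/wp-config.php"
    else
        cfg="$root/../wp-config.php"
    fi
    if [ -e "$cfg" ]; then
        mode=$(perm_of "$cfg")
        if [ "$mode" != "400" ]; then echo "CHMOD wp-config.php is $mode, want 400"; fi
    fi
    # .htaccess must not be world-readable (the "other" read bit is 4).
    if [ -e "$root/.htaccess" ]; then
        mode=$(perm_of "$root/.htaccess")
        other=${mode#"${mode%?}"}
        if [ $(( other & 4 )) -ne 0 ]; then echo "CHMOD .htaccess is world-readable ($mode)"; fi
    fi
    return 0
}

# Constructed sample tree: a default-looking install with every issue present.
make_sample() {
    d=$(mktemp -d) && mkdir "$d/public_html" || return 1
    for f in readme.html license.txt wp-config.php .htaccess; do
        : > "$d/public_html/$f" && chmod 644 "$d/public_html/$f"
    done
    echo "$d/public_html"
}

sample=$(make_sample)
audit_wp "$sample"
rm -rf "${sample%/public_html}"
```

Point `audit_wp` at a real docroot to get the same findings list; an empty result means the four file-level items are in place, not that the database or wp-admin restrictions are.
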
ckh Posted April 12, 2013

Perhaps crediting the author and a link to the site where this is posted at would be appropriate.

ckh Posted April 12, 2013

Anikita Wadhwa. (April 12, 2013). Global Attack on WordPress Sites. In Blog Resellerclub.com. Retrieved April 12, 2013, from http://blog.resellerclub.com/2013/04/12/global-attack-on-wordpress-sites.

bear Posted April 13, 2013

> As I write this post

Since it wasn't you who wrote it, you should absolutely be stating that you found this somewhere. The post you made makes it sound like it's yours.

easyhosting Posted April 13, 2013

> Since it wasn't you who wrote it, you should absolutely be stating that you found this somewhere. The post you made makes it sound like it's yours.

Well, as I was writing it in the thread, then "As I write this post" was correct, and the source of the information is at the bottom of the post.

ckh Posted April 13, 2013

Yes, the links are there now. I imagine you just wanted to get the info out and didn't think of it, I'm sure it wasn't intentional.

bear Posted April 13, 2013

> well as i was writing it in the thread then "As i write this post" was correct

Seriously?

> As I write this post, there is an on going and highly distributed, global attack on wordpress installations to crack open admin accounts and inject various malicious scripts.

> April 12, 2013 | Posted by: Ankita Wadhwa
> As I write this post, there is an on going and highly distributed, global attack on wordpress installations to crack open admin accounts and inject various malicious scripts.

That's copied word for word, and is what I'm referring to as making it look like you'd written it. If you didn't write it, it's proper to state you found it, and put the content within quote tags.

Infopro Posted April 13, 2013

> well as i was writing it in the thread then "As i write this post" was correct and the source of the information is at the bottom of the post

I merged your two posts together.