Reasons to Take Security Upgrades Seriously — Hacked WordPress Sites
WordPress 2.0.7 was released yesterday. Click here for details of the fixed vulnerabilities. Unfortunately, that was not soon enough for several webmasters who run SEO sites. A hacker going by the name of FuckingPirate has taken down three popular SEO sites so far and published a hit list with more.
(hat tip: seoblackhat)
This is a reality of running a site on the Internet. Here are some tips for minimizing the damage:
- Keep up to date
  - Subscribe to the announcement page using RSS for software you use
  - Highlight these subscriptions so they don’t get lost in your feed reader
- Backups
  - Back up your site often
  - Store your backup on a different server
- Passwords
  - Don’t use common word passwords that could be found in a dictionary
  - Use unique passwords you don’t also use on other sites
  - If one site gets compromised it can lead to the same user id / password combo being exploited on other sites
- Comments
  - Keep track of your comments
  - If they can’t hack your site, they might settle for defacing your comments
Word was that all stopped a few days ago, and that a few enterprising folks were going to call the RCMP (since he’s Canadian).
But, the moral’s dead on — upgrade, backup, and backup some more.
Cheers
t
He’s still been posting at his blogspot blog today.
What’s funny is that I could just see the Integrated Technical Crime Unit going “what’s a blog?”
[…] version 2.0.7 of WordPress, and to avoid problems I recommend that you, like Lorelle, GreyWolf and engtech, update your […]
[…] If you’re running a hosted WordPress blog (like me), you might want to upgrade to version 2.0.7 or you might get hacked. […]
[…] yes. Have you updated your WordPress to 2.0.7 yet? See what Lorelle has to say. It seems the thing is […]
[…] Via >> ThreadWatch and Engtech […]