// Internet Duct Tape

Reasons to Take Security Upgrades Seriously — Hacked WordPress Sites

Posted in Links, Technology, WordPress by engtech on January 16, 2007

WordPress 2.0.7 was released yesterday. Click here for details of the fixed vulnerabilities. Unfortunately, that was not soon enough for several web masters who run SEO sites. A hacker going by the name of FuckingPirate has taken down three popular SEO sites so far and published a hit list with more.

(hat tip: seoblackhat)

This is a reality of running a site on the Internet. Here are some tips for minimizing the damage:

  • Keep up to date
    • Subscribe to the announcement page using RSS for software you use
    • Highlight these subscriptions so they don’t get lost in your feed reader
  • Backups
    • Backup your site often
    • Store your backup on a different server
  • Passwords
    • Don’t use common word passwords that could be found in a dictionary
    • Use unique passwords you don’t also use on other sites
    • If one site gets compromised it can lead to the same user id / password combo being exploited on other sites
  • Comments
    • Keep track of your comments
    • If they can’t hack your site, they might settle for defacing your comments

6 Responses

Subscribe to comments with RSS.

  1. Tony said, on January 17, 2007 at 2:00 am

    Word was that all stopped a few days ago, and that a few enterprising folks were going to call the RCMP (since he’s Canadian).

    But, the moral’s dead on — upgrade, backup, and backup some more.


  2. engtech said, on January 17, 2007 at 2:16 am

    He’s still been posting at his blogspot blog today.

    What’s funny is that I could just see the Integrated Technical Crime Unit going “what’s a blog?”

  3. […] version 2.0.7 de WordPress y para evitar problemas les recomiendo, al igual que Lorelle, GreyWolf y engtech que actualicen su […]

  4. […] If you’re running a hosted WordPress blog (like me), you might want to upgrade to version 2.0.7 or you might get hacked. […]

  5. […] sim. Já atualizaram seu WordPress para o 2.0.7? Olha o que a Lorelle tem a dizer. Parece que a coisa é […]

  6. […] Vía >> ThreadWatch y Engtech […]

Comments are closed.

%d bloggers like this: