Regularly Check Your WordPress Files: They Could be Hacked

Last night I got a bit of a shock when I discovered a strange URL in my WordPress header file (header.php). I cut and pasted it into the URL field of my Firefox browser to find that it was some placeholder site that was selling domain names!?

I believe that this could be associated with a vulnerability in one of the older versions of WordPress that I had running.

Once I realised what was going on I immediately removed the offending link and did a scan of all the other main WordPress files (index.php, footer.php, comments.php) just in case.

I’ve found this forum thread on DigitalPoint where other WordPress users talk of similar hack problems, especially with redirects from the wp-blog-header.php file.

How to Avoid These WordPress Hacks:

1. Keep up to date with the latest versions of WordPress
2. Check your main WordPress files regularly
3. Check your web stats – normally a good sign of a security breach is a visible dip in web traffic
4. Change your password regularly (I know it’s a pain)
5. Visit the WordPress Blog for the latest news
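
One way to automate tip 2, as an added example that is not part of the original post: hash every .php file against a saved baseline and list any URLs pointing at hosts you do not recognise. The directory contents, hostnames and allow-list below are constructed for the demonstration.

```python
import hashlib, re, tempfile
from pathlib import Path
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.IGNORECASE)

def snapshot(root):
    """Map each .php file (path relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*.php"))}

def changed_files(baseline, current):
    """Files added, removed or modified since the baseline snapshot."""
    return sorted(f for f in baseline.keys() | current.keys()
                  if baseline.get(f) != current.get(f))

def foreign_urls(root, allowed_hosts):
    """(file, url) pairs whose host is not on the allow-list."""
    root = Path(root)
    hits = []
    for p in sorted(root.rglob("*.php")):
        for url in URL_RE.findall(p.read_text(errors="replace")):
            host = (urlparse(url).hostname or "").lower()
            if not any(host == h or host.endswith("." + h) for h in allowed_hosts):
                hits.append((str(p.relative_to(root)), url))
    return hits

def demo():
    """Constructed theme directory: take a baseline, add a link, re-check."""
    with tempfile.TemporaryDirectory() as d:
        theme = Path(d)
        (theme / "header.php").write_text('<a href="http://myblog.example/">Home</a>\n')
        (theme / "footer.php").write_text("<?php wp_footer(); ?>\n")
        baseline = snapshot(theme)  # in practice, store this away from the web root
        # Simulate the kind of change described in the post (constructed URL).
        with open(theme / "header.php", "a") as fh:
            fh.write('<a href="http://parked-domains.example/buy">.</a>\n')
        return (changed_files(baseline, snapshot(theme)),
                foreign_urls(theme, {"myblog.example", "wordpress.org"}))

if __name__ == "__main__":
    changed, urls = demo()
    print("changed:", changed)
    print("foreign URLs:", urls)
```

The URL scan only finds links written in plain text, so the hash comparison is the check that catches an encoded or obfuscated change.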

Please feel free to share your stories and tips below.

Comments

6 Responses to “Regularly Check Your WordPress Files: They Could be Hacked”

  1. Mat Packer on September 23rd, 2008 1:11 am

    I had the same thing happen to me back on WP 2.2 or somewhere around there. Now I regularly check my files for anything not meant to be there.

    Good tips here Arn.

    Cheers
    Mat

  2. Jani on September 25th, 2008 7:32 am

    Ouch, thanks for the info, I better check mine, but it can be a pain to check it every day just to see if someone hacked it :(

  3. Dale Evans on September 25th, 2008 12:21 pm

    Thanks for the notice/advice Arnold.

    I’ll be sure to let our clients know as I know a few of them use WP.

    Cheers,

    Dale

  4. ozzmosis on September 29th, 2008 6:54 am

    I noticed the web forum for CastBlaster currently has spam links inserted at the very top of the page. Probably a similar problem to WordPress with the vBulletin software they are using.

    On another note, have you looked at the RSS feed for arnoldaranez.com? It redirects to FeedBurner where none of your articles are listed.

    - ozz

  5. Arnold Aranez on September 30th, 2008 6:29 am

    @Dale – Anytime :) If anyone needs a quality web hosting solution please check out Dale’s business (HighTekHosting)

    @ozz – thank you for the tip. I’m now involved in 6 blogs so kinda everywhere at the moment. Will fix today :)

  6. effogouct on October 21st, 2008 4:19 am

    Hey,
    I am, Steven
    good overall content
    look at my site:

    http://u3Wt6xZSDg.spaces.live.com/
