Comments on: WordPress Hacking Increasing?

By: Kieran

Kieran — Mon, 29 Sep 2008 18:15:37 +0000

Is there any way to bulk change the permissions? There are a lot of files for WordPress and having to change permissions on each one is rather daunting! Not to mention the time.

By: Episode 33: WordPress 2.3.2 released, WordPress 2.4 missed and changes to the podcast | PHP Podcasts

Tue, 12 Feb 2008 21:37:20 +0000

[...] security gains attention: David Airey hacked using a GMail exploit, Blogging Pro wonders how secure WordPress is, Simple Thoughts details ways to harden your WordPress blog from attack, Ryan Boren discusses ways [...]

By: free download

free download — Sun, 02 Dec 2007 08:06:14 +0000

Thank you.
i setup wordpress 2 day later hacking :S

By: William Teach

William Teach — Mon, 26 Nov 2007 00:32:34 +0000

My own site and a few others I know got hacked, having the htaccess file changed to have a 301 redirect, and some weird stuff after the body tag. The htacess was easy to fix, but, for the rest, actually had to upgrade to 2.3.1 to fix the issue. Not sure if got in through the admin panel or what.

By: Alex Leonard

Alex Leonard — Tue, 20 Nov 2007 10:23:22 +0000

Thanks for that info Michael.

So does this mean that risks are there with WordPress needing, for example, the uploads folder to be set at 666.

Presumably there is no way around this.

By: Michael

Michael — Fri, 16 Nov 2007 17:51:15 +0000

@Alex Leonard: Having file permissions set at 666 or 777 means that, in theory, the world can write to the files with those permissions. I learned this the hard way, when hackers uploaded various scripts for the purpose of sending spam emails. My web host suspended my account after they got away with a few hundred emails or so. Unless absolutely necessary, NEVER leave file permissions at 666 or 777. The normal permission set, depending on the type of file, should be 644 (for static files, like HTML pages and images) or 755 (for things like Perl scripts). These tips don't just apply to WordPress. Keep them in mind when maintaining any Web application.

By: ã‚ãƒ¼ã©ã·ã‚Œã™ã£ï¼ » WordPress ã®ãƒãƒƒã‚ãƒ³ã‚°è¢«å®³ãŒå¢—ãˆã¦ã„ã‚‹ï¼Ÿ

Thu, 15 Nov 2007 14:21:37 +0000

[...] WordPress Hacking Increasing? ã‚ˆã‚Šã€ãƒ–ãƒã‚°ãŒãƒãƒƒã‚¯ã•ã‚ŒãŸã¨ã®å ±å‘ŠãŒæœ€è¿‘å¢—ãˆã¦ãã¦ã„ã‚‹ã¨ã®ã“ã¨ã€‚å€‹äººãƒ‡ãƒ¼ã‚¿ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã§ã¯ãªãã€æŠ•ç¨¿å†…ã«ã‚¹ãƒ‘ãƒ ã‚³ãƒ¼ãƒ‰ãŒè¿½åŠ ã•ã‚Œã‚‹ã‚ˆã†ã ã€‚ [...]

By: Alex Leonard

Alex Leonard — Thu, 15 Nov 2007 11:04:46 +0000

Regarding the correct setting of file permissions, I’ve often wondered exactly what the dangers are and what files shouldn’t ever have their permissions altered.

Various aspects of Word Press or Plugins require certain folders to have their file permissions changed to be writable (666?), but I never feel certain as to how risky this is?

Any suggestions?

By: Anna Vester

Anna Vester — Thu, 15 Nov 2007 02:43:09 +0000

Yep, I have noticed that about Vandelay as well. There is something weird going on. Bittbox is also having problems as of several day ago.

“The hack seems to be adding spammy links to my RSS feeds and (every once in a while) you might see a blank white screen with the phrase â€œAlready hacked by Magic SEO Toolz.â€”

Here is link to a possible fix that was posted on the Devlounge website –
http://www.devlounge.net/articles/protect-your-wordpress-wp-config-so-you-dont-get-hacked

Hope this helps.

By: Nothing To Say » Blog Archive » links for 2007-11-15

Nothing To Say » Blog Archive » links for 2007-11-15 — Thu, 15 Nov 2007 01:27:59 +0000

[...] WordPress Hacking Increasing? Better get on that. [...]

Comments on: WordPress Hacking Increasing?

By: Kieran

By: Episode 33: WordPress 2.3.2 released, WordPress 2.4 missed and changes to the podcast | PHP Podcasts

By: free download

By: William Teach

By: Alex Leonard

By: Michael

By: ã‚ãƒ¼ã©ã·ã‚Œã™ã£ï¼ » WordPress ã®ãƒãƒƒã‚­ãƒ³ã‚°è¢«å®³ãŒå¢—ãˆã¦ã„ã‚‹ï¼Ÿ

By: Alex Leonard

By: Anna Vester

By: Nothing To Say » Blog Archive » links for 2007-11-15

By: ã‚ãƒ¼ã©ã·ã‚Œã™ã£ï¼ » WordPress ã®ãƒãƒƒã‚ãƒ³ã‚°è¢«å®³ãŒå¢—ãˆã¦ã„ã‚‹ï¼Ÿ