Blog Mastermind Forums RSS Feed
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 9th June 2008, 10:28 AM
Blaine Moore's Avatar
Recent Blog: Karl Meltzer?s Appalachian Trail Record Attempt is...
Blog Mastermind Mentor
  
Join Date: Jan 2006
Location: Vacationland
Posts: 1,391
Send a message via AIM to Blaine Moore Send a message via Skype™ to Blaine Moore
Default WORDPRESS VULNERABILITY: Have you been hacked yet?
There is a hack going around that may or may not affect wordpress 2.5.1 blogs, but definitely affects all older versions. (There are known 2.5.1 blogs that are infected, but the general consensus is that they got hacked before being upgraded and carried the upgrade through.)

It is a very tricky problem. Basically, if somebody gets a search result in google and clicks through to your site, they are immediately forwarded to a spammer's site instead. A cookie gets dropped in the process, though, so that it doesn't happen a second time. This prevents site owners from noticing anything strange or troubleshooting it other than that google traffic begins to dry up. It can also lead to your site being temporarily delisted.

To see if your site has been hacked, clear the cookies on your blog (or use a computer that has never visited your blog) and do a search that returns a result that links to your page. Click the link. Did you wind up on your site? If so, you aren't being exploited right now and may not have been hacked. (Then again, you may have been.) If you do go to a scammer's site, you've definitely been hacked.

JD Roth has put up some good instructions for fixing your site, which you can read here:
Patching the WordPress AnyResults.Net Hack ∞ Get Rich Slowly

There is also a video that you may find helpful on YouTube:
YouTube - Remove Wordpress Spam Redirect
Reply With Quote
  #2 (permalink)  
Old 9th June 2008, 12:25 PM
Blaine Moore's Avatar
Recent Blog: Karl Meltzer?s Appalachian Trail Record Attempt is...
Blog Mastermind Mentor
  
Join Date: Jan 2006
Location: Vacationland
Posts: 1,391
Send a message via AIM to Blaine Moore Send a message via Skype™ to Blaine Moore
Default
Here's another good article on the exploit:

Did your WordPress site get hacked?
Reply With Quote
  #3 (permalink)  
Old 3rd July 2008, 03:41 AM
Recent Blog: Going Full Feed Ahead ?
Beginner Blogger
  
Join Date: Jul 2008
Location: Bristol, UK
Posts: 4
Send a message via Skype™ to The Blogging Queen
Default I've been hacked twice
My membership site, which is run via WordPress was hacked about 4 months ago but more recently I discovered that an unused html page on my site had been hacked too ... seems it's not just wordpress.

Trish
Reply With Quote
  #4 (permalink)  
Old 3rd July 2008, 08:16 AM
Blaine Moore's Avatar
Recent Blog: Karl Meltzer?s Appalachian Trail Record Attempt is...
Blog Mastermind Mentor
  
Join Date: Jan 2006
Location: Vacationland
Posts: 1,391
Send a message via AIM to Blaine Moore Send a message via Skype™ to Blaine Moore
Default
Quote:
Originally Posted by The Blogging Queen View Post
My membership site, which is run via WordPress was hacked about 4 months ago but more recently I discovered that an unused html page on my site had been hacked too ... seems it's not just wordpress.

Trish
There are plenty of exploits out there. I was just pointing out one specific one that is easy to prevent as long as you upgrade before you are hacked or else clean up the hack and upgrade so that you don't get hacked again.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 12:47 PM.

Entrepreneurs-Journey.com - Archive - Top

Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0
Copyright Yaro Starak 2007