Wordpress stealth hack

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Brujah
    Beer Money Baron
    • Jan 2001
    • 22157

    #1

    Wordpress stealth hack

    Wordpress sites are being hacked by the hundreds, and you may not even realize that yours is too if you host on any number of shared servers (Network Solutions, Dreamhost, GoDaddy, etc...).

    http://www.wpsecuritylock.com/breaki...-on-dreamhost/
  • halfpint
    GFY's Halfpint
    • Jun 2007
    • 15223

    #2
    Thanks man bump for more awareness

    Get FREE website listings on Cryptocoinshops.net

    Comment

    • SGS
      Confirmed User
      • Dec 2002
      • 5176

      #3
      Wordpress = fucking nightmare.
      See sig...

      Comment

      • CunningStunt
        Confirmed User
        • Aug 2006
        • 5594

        #4
        Where there's a will, there's a way.

        Any mass software solution is going to be hit sooner or later. Stinks, but it's inevitable.

        Thanks Brujah. Now I remember why I let a 100 domain experiment die on its ass.

        Comment

        • fris
          Too lazy to set a custom title
          • Aug 2002
          • 55679

          #5
          thats what you get for hosting on a shitty web host, serves them right
          Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.

          Comment

          • seeandsee
            Check SIG!
            • Mar 2006
            • 50945

            #6
            Originally posted by Brujah
            Wordpress sites are being hacked by the hundreds, and you may not even realize that yours is too if you host on any number of shared servers (Network Solutions, Dreamhost, GoDaddy, etc...).

            http://www.wpsecuritylock.com/breaki...-on-dreamhost/
            thanks for notice
            BUY MY SIG - 50$/Year

            Contact here

            Comment

            • LoveSandra
              So Fucking Banned
              • Aug 2008
              • 10551

              #7
              Originally posted by SGS
              Wordpress = fucking nightmare.
              sometimes , yes

              Comment

              • CPimp
                Confirmed User
                • Aug 2009
                • 2346

                #8
                That friggin sucks.
                three 997 three 55 three 1 ← That's my ICQ. Contact me there. Thanks.

                Comment

                • bloggerz
                  Too lazy to set a custom title
                  • Dec 2006
                  • 16255

                  #9
                  its only on shared hosting? so blogs on dedicated servers aren't being affected?
                  I SELL ADULT BACKLINKS! Email: eroticweb>gmail SKYPE: gfybloggerz

                  $$$$$ MAKE HUGE MONEY IN CAMS - CLICK HERE $$$$$

                  Comment

                  • V_RocKs
                    Damn Right I Kiss Ass!
                    • Nov 2003
                    • 32449

                    #10
                    Wonder if it is the same shitheads that did the big attack last time.

                    Comment

                    • ottopottomouse
                      She is ugly, bad luck.
                      • Jan 2010
                      • 13177

                      #11
                      Thanks for that. Can't find any with a problem
                      ↑ see post ↑
                      13101

                      Comment

                      • Why
                        MFBA
                        • Mar 2003
                        • 7230

                        #12
                        has anyone found one of these websites or is it just dreamhost bashing?

                        considering the source is a person who makes money selling WordPress security software and knowledge

                        Comment

                        • TheDA
                          Confirmed User
                          • May 2006
                          • 4665

                          #13
                          Originally posted by Why
                          has anyone found one of these websites or is it just dreamhost bashing?

                          considering the source is a person who makes money selling WordPress security software and knowledge
                          I wondered the same to be honest. I haven't seen a site listed that's been hit yet.
                          Sharleen Spiteri - 1989 - In The Ass

                          Comment

                          • TheDA
                            Confirmed User
                            • May 2006
                            • 4665

                            #14
                            Originally posted by MrBottomTooth
                            Dreamhost, network solutions, godaddy are all being hit, all kinds of php sites. Not exclusive to wordpress at all.
                            Do you know of any that have been hit by any chance?
                            Sharleen Spiteri - 1989 - In The Ass

                            Comment

                            • Brujah
                              Beer Money Baron
                              • Jan 2001
                              • 22157

                              #15
                              On wordpress.org forums there's a list of people who claim their sites were hacked.
                              http://wordpress.org/support/topic/396524?replies=1

                              Add BlueHost to the list of shared hosts. Also, this doesn't seem to be exclusive to wordpress, but sometimes other .php files on the servers.

                              Comment

                              • Dirty Lord
                                Confirmed User
                                • Nov 2007
                                • 2681

                                #16
                                Originally posted by SGS
                                Wordpress = fucking nightmare.
                                dont say that

                                Comment

                                • icymelon
                                  Confirmed User
                                  • Dec 2007
                                  • 3220

                                  #17
                                  cant you set wordpress to only let your ip login?
                                  Network Of Adult Blogs With Hardlink Rentals Available

                                  Comment

                                  • harvey
                                    Confirmed User
                                    • Jul 2001
                                    • 9266

                                    #18
                                    the attacks are on Apache, not WordPress, that's why it only works on shared hosting. They attacked WP, ZenCart, Drupal and almost any PHP file at sight. Thing is WP has millions of users, hence you'll see "WP is under attack". Or do you expect to see "some custom php script is under attack"? geez, some people

                                    Quite curiously, you'll rarely see "some idiots at shared hosting have no clue about what they're doing", and in 99% of cases that is the issue.
                                    This post is endorsed by CIA, KGB, MI6, the Mafia, Illuminati, Kim Jong Il, Worldwide Ninjas Association, Klingon Empire and lolcats. Don't mess around with it, just accept it and embrace the truth

                                    Comment

                                    • harvey
                                      Confirmed User
                                      • Jul 2001
                                      • 9266

                                      #19
                                      Originally posted by icymelon
                                      cant you set wordpress to only let your ip login?
                                      yes you can with some easy custom mod. However, the attacks were from inside the server, so how do you stop that? Last time, when the NetSol fiasco shown up (1 month ago or so) it was proven they had a rogue admin that changed permissions to allow access to account. Same with GoDaddy hosting. How do you plan to stop that?
                                      This post is endorsed by CIA, KGB, MI6, the Mafia, Illuminati, Kim Jong Il, Worldwide Ninjas Association, Klingon Empire and lolcats. Don't mess around with it, just accept it and embrace the truth

                                      Comment

                                      • Davy
                                        Confirmed User
                                        • Apr 2006
                                        • 4323

                                        #20
                                        I have no problems with my php sites on Dreamhost.
                                        ---
                                        ICQ 14-76-98 <-- I don't use this at all

                                        Comment

                                        • Argos88
                                          So Fucking Banned
                                          • Sep 2009
                                          • 1732

                                          #21
                                          This is a sever config problem.. NOT Wordpress....

                                          Comment

                                          • TheDA
                                            Confirmed User
                                            • May 2006
                                            • 4665

                                            #22
                                            I checked all my WP stuff on shared earlier and it was OK!
                                            Sharleen Spiteri - 1989 - In The Ass

                                            Comment

                                            Working...