Wordpress Hack - Upgrading Isn't The Cure

In this THREAD, the hack on older WP blogs that hadn’t upgraded talks about some of the cures to use, to eliminate the hack. WP 2.5.1 supposedly isn’t vulnerable, UNLESS your blog was hacked PRIOR to the Upgrade.

Seems that part of the plan of these hackers was to also leave scripts, bogus users in your blog, so that when you did upgrade, they got in the front door, though I am no techie, so I could be reading this wrong.

There is a whole bunch of PHP talk about checking this and that, and frankly I am so confused I am off to make a gallon of fresh coffee. :bang:

Maybe someone with more tech savvy can comment on what a dumb blond like me is to do, like how in blazes does one check every theme, plugin for the codes, and all that crap. :grrr:

And this is the first real public airing of the matter by the wordpress guru’s too, which really steams me.

Just like SP3 for XP is still causing havoc, and no one seems to have any damn answers. Makes one look back on the old commodore 64 with fondness. whistle

Re: Wordpress Hack - Upgrading Isn’t The Cure

I scanned that article for you and did some checking on my wp blog installs, I think (but do not guaranty) the key points are as follows:

  • check your .htaccess files to make sure the code is as its supposed to be in that article
  • scan your theme files (wp: design -> theme editor) to make sure there is no funky php code in it to redirect google & other surfers, like in that article
  • ftp to your site and check your wp-content/themes/theme-name/scripts directory (and maybe all other subdirectories directories, plus the wp-content/uploads directory too) for any strange jpg files. If you find any strange jpg files, download them and open them with notepad to see if its actually php code. See the referenced youtube video for help on that.

If the above comes out clean, then you should be OK (once again, I just scanned this so can’t guaranty your security). However, its still recommended that you upgrade WP asap, or better yet, migrate to a more secure script like Blogs Organizer.