Security issue with wp delicious

  • Resolved Bill Weye

    (@billhector)


    4 months, 1 week ago

    FALSE ALARM!!

    The issue was not with WPD, but rather the caching plugin serving 3 day old content from when I first set up the site.

    Be careful when using cache and setting up/updating your website!

    During the process of troubleshooting and verifying how WPD works, I discovered a critical security issue.

    I have informed the authors of the exact nature of the issue. I won’t publicize the problem unless they decide not to fix it.

    I will tell you one way to prevent your site from being hacked or being attacked by bots. You should get a security plugin and change the login method to email address only, NOT the user name.

    Let’s be clear: you should not be logging into your website using the user name because it’s not secure (well, it’s secure for you, but will leave your site vulnerable).

    • This topic was modified 4 months, 1 week ago by Bill Weye.
  • You must be logged in to reply to this topic.