frankrizer

Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter frankrizer

    (@frankrizer)

    Yes, changed the passwords twice. I’m not storing passwords inside the FTP client (winscp) and I’m using sftp protocol.

    Any links to best practices or sites that explain what to watch out for in plugins/themes (esp. around GET/POST/ajax) that might cause security issues?

    Thread Starter frankrizer

    (@frankrizer)

    Thanks, those are great resources, but except for a few tips (@ottopress) I’ve seen all of these and followed the guidelines around recovery etc.

    I hate to take away WP functionality, but if it helps I’ll do what it takes.

    What are the typical security issues/areas prone to malicious attempts?

    1) Site Search (GET Request?!)
    2) Contact Form (POST)
    3) WP Comments (POST)

    ….any known current issues in those areas?

    Thread Starter frankrizer

    (@frankrizer)

    Hi esmi,

    For the last 4 days, the server only had WP installed, even with a “Quota” setting, meaning no scripts running on the domain could have accessed any files outside the domain/respective file system (new owner ID).

    And vice versa, no outside script should’ve (if that possible with no extra server content) been able to add those files in a file system belonging to another owner.

    Hence, it’s got to be coming in through WP.

    Also, the log files show frequent (<5min around the clock!) attempts to run those Malware files such as auth.php, commonn.php, and more recently real, legit files they compromised.

    F.

Viewing 3 replies - 1 through 3 (of 3 total)