pekkie85

then, it is also advised to scroll through its other settings, its quite an impressive solution, and free. (im in no way affiliated) just impressed. It can do a range of things that indeed, that would make it a lot harder to hack a WP install.

i found a security plugin wich actually fights this vulnarability in ALL WP sites.
so, not just Woocommerce. its called iThemes security, and under “wordpress tweaks” it has (ll the way down) a setting; “Protect Against Tabnapping ”
Alter target=”_blank” links to protect against tabnapping

Enabling this feature helps protect visitors to this site (including logged in users) from phishing attacks launched by a linked site. Details on tabnapping via target=”_blank” links can be found in this article.
https://www.jitbit.com/alexblog/256-targetblank—the-most-underestimated-vulnerability-ever/

so i got an email from “netcraft takedown service” @netcraft.com.
Alerting me from a pishing scam ON my website.
I allmost removed it as spam, but the fact that they bothered to write in my countries main languages, suggested they were serious. i verified what they said, and indeed, in the b2b map i made, there was a file EWC.PHP
It loaded a fake bankpage, in order to steal simpletons informations.
If you have a filemanager, one might want to search for this file, just to make sure.
The main issue is that it is unclear where it comes from. It might come back.

• This reply was modified 6 years, 6 months ago by pekkie85.