thread7

Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)
  • Forum: Fixing WordPress
    In reply to: My site was Hacked
    Thread Starter thread7

    (@thread7)

    Thanks jdembowski. If you read your reply again carefully you prove my point.
    #1. Your first link (to https://www.ads-software.com/support/topic/307660 ) states that all security problems are with older versions of WordPress. I’ve already stated in this thread several times that I was using the most recent version.

    #2. There is no sticky thread in this forum stating that if you’ve been hacked to send your logs to [email protected]. None of the links that people have provided or I’ve found myself ever mentioned to do this. I would think that should be a little easier to find, don’t you?

    That is why I am saying security in WordPress isn’t being taken as seriously as it needs to be. I’d guess the 5,000 other sites that were hacked by the same guy would agree.

    Don’t believe me? I Googled the guy and here are several other sites that were hacked, all using WordPress 2.8+.
    https://www.ecolifeadvisors.com/ – WordPress 2.8
    https://unlimitediphoneapps.com/ – WordPress 2.8
    https://spyera.com/tag/sms – WordPress 2.8.4
    https://chodely.com – WordPress 2.8.3

    Forum: Fixing WordPress
    In reply to: My site was Hacked
    Thread Starter thread7

    (@thread7)

    I search these forums and I can’t find good discussions about protecting against vulnerabilities. I follow the links provided by the people above who were kind enough to answer me, and there is a lot of good information on those sites. I’ve followed the recommendations. But frankly a lot of that information is a year old. I still have no idea how I was hacked if I had version 2.8.4. If I do a Google search for my culprit – [email protected] – I get 5000 results! Thousands of other sites were hacked just like mine yet he/she isn’t even mentioned once in these forums. And still this forum is so busy that my post can’t stay on the front page for longer than 45 minutes.
    I just think there is a big problem and no one is addressing it. I want to get a discussion going. Either a WordPress developer will notice and investigate the problem or a forum admin will realize there needs to be a forum dedicated to security.
    I used to use an ASP based forum package and it was riddled with security holes that were always addressed too little too late. I finally had to stop using it. Since I’ve discovered WordPress I like it and want to keep using it. But if security isn’t given enough attention I’ll be faced without a tough decision.

    Forum: Fixing WordPress
    In reply to: My site was Hacked
    Thread Starter thread7

    (@thread7)

    Hmmm. Once thing that is too bad is that just about all the plug-ins that help you with security are out of date and untested with 2.8.4.
    Especially:
    Chap Secure Login
    WordPress Exploit Scanner
    AskApache Password Protect
    WP Security Scan

    Forum: Fixing WordPress
    In reply to: My site was Hacked
    Thread Starter thread7

    (@thread7)

    bump

    Forum: Fixing WordPress
    In reply to: My site was Hacked
    Thread Starter thread7

    (@thread7)

    I have two plug-ins that are active:
    Simple Sidebar Navigation ver 2.1.0 (2.1.2 is available)
    All in One SEO Pack ver 1.6.4.1 (1.6.5 is available)

    I have 3 more plug-ins that are inactive:
    Featured Content Gallery
    Hello Dolly
    Akismet ver 2.2.6

    I don’t have any forums. Are the plug-ins the more likely culprit? Both active ones were not updated to the most recent version.

Viewing 5 replies - 1 through 5 (of 5 total)