WordPress.org

Ready to get started?Download WordPress

Forums

Possible Security Hole with 3.4.1 (7 posts)

  1. f1ss1on
    Member
    Posted 1 year ago #

    Last night I received an email saying that one of my domains has been suspended. I immediately checked the domain, and the site could not connect to the DB. Upon further research, logs showed that the site was hacked, and a master pw I had for the server had been changed, which in turn, caused 26 WordPress sites to go down. All passwords are 20+ characters, alpha - numeric. It is still unclear how they got into the site.

    I hope that this will help the WordPress devs in finding a security hole and aid in a patch for this.

    In the meantime, I had to create 26 diff master passwords, for sites and dbs that are running 3.4.1. I had 3 other sites that are running 3.3.2 that were not affected.

    For WordPress Devs, I will provide server and sql logs upon request.

  2. fonglh
    Member
    Posted 1 year ago #

    See http://codex.wordpress.org/Security_FAQ for how to report security issues.

  3. LIMEXS
    Member
    Posted 1 year ago #

    Please, make sure that you're not using default "admin" as admin user. There can be several assumptions on penetration.

  4. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    Whilst there's no harm changing the main admin username to something other than admin, it offers very little in the way of additional security. The real strength of your login relies on the use of a strong password.

  5. f1ss1on
    Member
    Posted 1 year ago #

    Hey Guys, Admin name is unique, as well as 20 character pass alpha-numeric and completely random. The only way that this could have happened was by a security hole. This only happened after upgrading to 3.4.1, and did not affect the sites that I have not updated yet. This would imply that the person that broke in, could only get in through 3.4.1. Otherwise why would he leave 3 out of 30 sites up?

  6. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    If you have collated evidence that proves a specific security issue, please follow the instructions outlined in http://codex.wordpress.org/Security_FAQ

  7. f1ss1on
    Member
    Posted 1 year ago #

    @esmi, thanks. I am going to upload server logs to wp.

Topic Closed

This topic has been closed to new replies.

About this Topic