WordPress.org

Ready to get started?Download WordPress

Forums

Protecting against being hacked (4 posts)

  1. tbm2
    Member
    Posted 1 year ago #

    Hi,

    In my stats log I've noticed a lot of entries over the past few days where the page accessed is reported as things like:

    src=http%3A%2F%2Fflickr.com.makemyballer.com%2Fload.php
    src=http%3A%2F%2Fflickr.com.makemyballer.com%2Fsimple.php

    These pages don't exist on my site and from a quick look I guess they're obviously some form of bot attempt to hack my site. I have seen similar things like this in my stats before but it seemed to stop after a while. But over the last few days I'm seeing a lot of this kind of thing in my stats logs. The referral domains always seem to be something along the lines of flickr.com.xxxx.com

    I'm aware of the timthumb hack and I've run checks to make sure I'm not susceptible to that, but I'm not sure what else I need to do to try and make sure my security is up to par.

    Can anyone point me in the direction of tips, suggestions or further reading as I'm not sure what I need to be doing to maximise security. Is it possible to block/minimise these kind of attacks via plugins or other means?

    I'm obviously no expert on security but I am prepared to try and learn more - I just don't know where I should start...

  2. The Hack Repair Guy
    Member
    Posted 1 year ago #

  3. tbm2
    Member
    Posted 1 year ago #

    Thank you - I just needed somewhere to start, so that's much appreciated :)

    Will check out the links.

  4. budykiller
    Member
    Posted 1 year ago #

    Looks like timbthumb hack attempts.

    What you can do is subscribe to a newsletter. Like securityfocus or bugtraq to be informed of any new vulnerabilities.

    You have maybe 10 vulnerabilities a week about CMS and plugins. This way you can trace new exploit and make changes to prevent attacks.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.