Hi,
I've recently seen a site running the latest version of WordPress hacked. It appears to be a deface of the theme, and from searching on Google I found a YouTube video from the hacker who shows exactly how he is hacking WordPress websites.
[link removed]
I don't really understand what he's doing, but I believe somebody on this forum will understand and know how to protect against it.
Can I ask why the link to the YouTube video has been removed?
I thought this was a really useful video showing a potential threat which blog owners could learn from.
Whilst the FAQs for security are helpful, they do not directly tell me or others how to protect themselves against the threat, which appears to have impacted many, many sites.
> Can I ask why the link to the YouTube video has been removed?
The very last thing you do with a possible security issue is to publicise the hacker's guide.
> they do not directly tell me or others how to protect themselves against the threat,
They tell you how to report a security issue.
> they do not directly tell me or others how to protect themselves against the threat,
See http://codex.wordpress.org/Hardening_WordPress
And http://codex.wordpress.org/FAQ_My_site_was_hacked tells you how to recover from an attack.
The right way to report possible vulnerabilities is to send an email to security [at] wordpress.org