[resolved] base 64 code injector preventer (10 posts)

  1. tarambana
    Posted 5 years ago #

    I'll nominate the guy that cracks the plug in to prvent code injections for saintdom at the vatican!

  2. elfin
    Posted 5 years ago #

    is this in core, or plugin or ... ?

  3. tarambana
    Posted 5 years ago #

    I hope someone can write a plug in that prevents base64 injections. Is the Nth time I get an AV alert and fins all over the php files base 64 code.

    (look http://wordpress.org/support/topic/admin-page-redirection-to-httpwww4in-scalefeedinpp52?replies=8 )

  4. As mentioned in your other post, it's not that WordPress has a weakness here, it's your webhost.

    WordPress is only as secure as your server, so I would talk to my host about that one.

  5. tarambana
    Posted 5 years ago #

    I undrestand Ipstenu. I was expressing a desire: not to have to bother and espend so much time having to deal with those nuisances. Still, maybe one day someone will tink of something that makes WordPress users, and the parcel of hosting they run, inmune.

    I really like WordPress and I don't like my webhost, myserveworld.net, which, by the way has had a call today and heard that I will not be renewing my account. I had this type of infectons regularly for a year or longer and has put my off my blog and webpages because the preciuos time I have for them was spent dealing with hacks and infections.
    The reason I like WordPress is because it seems that lots o people care about it solve problems, make improovements and enable people like me to run useful websites.

  6. Yeah, but it's hard for WORDPRESS to prevent something that's occurring outside of it, y'know?

    It's like... You want someone to make paint so that your walls can't be painted, when the problem is the door's unlocked. :)

  7. James Huff
    Volunteer Moderator
    Posted 5 years ago #

    The preventative security work needs to be done on the server end. You can have a plugin monitor the files for changes, but it can't prevent the files from being changed. This is just how servers work.

    The closest you can get to what you want is VaultPress. VaultPress backs up your blog whenever a change is made. If you pay for a premium account, it will also scan your blog for exploits and notify you immediately, and you can then restore from the most recent clean backup.


  8. tarambana
    Posted 5 years ago #

    Thank you James.
    I will certaily check vaultpress out. Without wanting to open a door to free advertising, is there any host providers that could be recommended in the UK? I read a couple of articles about choosing a host provider throuhgh links provided by members of this forum; has someone done a selection of good candidates in the UK? The Wp recomendations I checked out are all in the US...
    Once more, many thanks.

  9. elfin
    Posted 5 years ago #

    I use UKWSD.

  10. tarambana
    Posted 5 years ago #

    Thanks Rich.
    I'll check it out straight away.

Topic Closed

This topic has been closed to new replies.

About this Topic