• Resolved Josh

    (@josh401)


    Moderator and Editor Customizer

    Can hackers gain access by an admin approving comments or pings? I don’t completely understand how a ping works, and I get a few which come from sites which duplicate my content.

    Usually, Akismet catches 95% of these (except for pings). And the others I manually delete.

    So, what are the negative impacts of a spam comment or a spam ping which gets through and approved?

    Thanks.

Viewing 6 replies - 1 through 6 (of 6 total)
  • esmi

    (@esmi)

    Forum Moderator

    Can hackers gain access by an admin approving comments or pings?

    Nope.

    what are the negative impacts of a spam comment or a spam ping which gets through and approved?

    Not everyone moderates comments and some people also publish pings as part of their standard comments. So the spammers are hoping that a % of their junk goes straight through to the published page without needing approval. Send this stuff out via bots and hit (say) 10,000 sites and you only need a low % to gain some vague link-back benefit.

    Josh

    (@josh401)

    Moderator and Editor Customizer

    Great.

    Okay, I am getting an eval(base64decode code hack that keeps getting “dropped in” (about once every three or four days).

    I’ve changed passwords, changed salts, re-uploaded WordPress core and theme files, and installed a security plugin (bulletproof security, or something like that).

    I’ve followed your excellent links regarding hacks. Especially (Otto’s ?) post about how to “sniff out” this code.

    Sooo… I guess it’s time to put on a wet-suit and dive into the database. I just don’t see where else this could be coming from?
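A file-system sweep for the `eval(base64_decode(` pattern mentioned in the post above, as an added example that is not part of the original thread or of the linked post. The list of wrapper functions, the file extensions and the sample tree built by `demo()` are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Decoder wrappers often chained inside eval() in injected PHP (assumed list; extend as needed).
PATTERN = re.compile(
    rb"eval\s*\(\s*(?:@?\s*(?:gzinflate|gzuncompress|str_rot13|strrev)\s*\(\s*)*base64_decode\s*\(",
    re.IGNORECASE,
)
PHP_EXT = (".php", ".phtml", ".inc")


def scan_tree(root):
    """Return (path, line_number, mtime) for every match under root, newest file first."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(PHP_EXT):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
                mtime = os.path.getmtime(path)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            for m in PATTERN.finditer(data):
                line = data.count(b"\n", 0, m.start()) + 1
                hits.append((path, line, mtime))
    # Sorting by modification time puts a recent re-infection at the top.
    return sorted(hits, key=lambda h: h[2], reverse=True)


def demo():
    """Build a constructed sample tree (one clean file, one injected) and scan it."""
    root = tempfile.mkdtemp()
    theme = os.path.join(root, "wp-content", "themes", "sample")
    os.makedirs(theme)
    with open(os.path.join(root, "index.php"), "w") as fh:
        fh.write("<?php\nrequire 'wp-blog-header.php';\n")
    with open(os.path.join(theme, "footer.php"), "w") as fh:
        # Constructed sample: the encoded string decodes to "echo 1;"
        fh.write("<?php\n// footer\neval(base64_decode('ZWNobyAxOw=='));\n")
    return root, scan_tree(root)


if __name__ == "__main__":
    for path, line, _mtime in demo()[1]:
        print(f"{path}:{line}")
```

A hit is a lead to review by hand, since some legitimate code also uses this construct; the modification times of the flagged files can be compared against FTP and web server logs for the same period.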

    Pioneer Web Design

    (@swansonphotos)

    Compromised host who is loath to ever admit it is my guess…

    esmi

    (@esmi)

    Forum Moderator

    @josh: Have you changed all of your passwords – including your FTP and hosting account management ones? Are you using secure or plain FTP?

    Josh

    (@josh401)

    Moderator and Editor Customizer

    @esmi,

    I didn’t even think about that. Yes, I do use FTP and no, it is not a secure FTP. And no, I haven’t changed that username or password.

    It’s possible for a hacker to “see” that information and gain access via FTP? That’s scary!! I’m going over to HostGator RIGHT NOW to switch it to SFTP and change the login info.

    Josh

    (@josh401)

    Moderator and Editor Customizer

    Okay, so I had to call HostGator to ‘enable’ an SFTP account?! I couldn’t believe there wasn’t an option in my cPanel for this. But, I’m happy to report I’m now using SFTP. Thanks esmi!!

    After explaining why I needed the SFTP account, the CSR happily offered to have the tech department run a scan on my site and help me to identify possible backdoors and/or malware.

    We’ll see what they come back with.

    Thank you so much esmi.

  • The topic ‘Hackers’ is closed to new replies.