qti
Forum Replies Created
Forum: Requests and Feedback
In reply to: WordPress 2.7 hacked – could be related to wp-atom.php
Many thanks Gangleri for your suggestions. I will look at the references which I am sure would be useful. On the other hand, knowing that there are millions of users out there, I had expected WordPress to be more secure out of the box as I didn’t do any hacking, and have only installed one fairly popular plugin (kimili – for embedding flash movies (for my photo slideshows)) which I have kept up to date.
Forum: Requests and Feedback
In reply to: WordPress 2.7 hacked – could be related to wp-atom.php
OK, having dug a bit deeper I think it’s 99.9% WordPress’s security problem.
The MySQL database has been hacked with a new user WordPress with a user registration time of 00-00-0000, as described in one of the websites on WordPress security mentioned elsewhere on this forum.
To be honest I am terribly shocked by the security of WordPress, and would seriously look at whether there are safer alternatives, and whether I should just shut the blogs until I find something I am happy with. If a small site like mine with such a small Internet footprint managed to be found and get hacked, god bless the WordPress community and especially visitors of WP sites. This is such a serious risk to the whole of the Internet.
Sorry if I am sounding too negative, but I never thought it’s so unsafe.
Forum: Requests and Feedback
In reply to: WordPress 2.7 hacked – could be related to wp-atom.php
Thanks for your reply LenK. I don’t have access to the server logs. If they are not gunning for me, I am surprised that I didn’t see that many other reports of similar incidents from my search on Google. Since I am using the most up-to-date version of WordPress available, I would have thought this would have been much more widespread, given that mine is really a tiny site with a hundred or so visitors.
Further info – basically ALL the files on my site have been changed to a time stamp of 5 September 2007 12:00am
Is there any way I can report this IP address to anyone with authority that can take some action??
Forum: Requests and Feedback
In reply to: WordPress 2.7 hacked – could be related to wp-atom.php
Same IP apparently
87.118.120.36 - - [10/Feb/2009:10:13:17 +0800] "POST /wp-atom.php HTTP/1.1" 200 44 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
87.118.120.36 - - [10/Feb/2009:10:13:19 +0800] "POST /wp-atom.php HTTP/1.1" 200 5 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3"
An update: they also changed the permissions of my main directory – that I can’t upload/delete/rename anything! I am checking with my webhost how they did that.
The thing I find astonishing is that only a few friends and family members know about my site. I tried and Google couldn’t find it. How did the hackers manage to find it??
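An added example, not part of the forum posts: a feed script is normally fetched with GET, so the POSTs to /wp-atom.php quoted above can be pulled out of an Apache combined-format access log with a small filter. The function name, the extra sample lines and the documentation-range IP addresses are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Apache/NCSA combined log format, up to the response size field.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# /wp-atom.php comes from the post; add other feed scripts present on your install.
FEED_SCRIPTS = {"/wp-atom.php"}

def suspicious_feed_posts(lines, feed_scripts=FEED_SCRIPTS):
    """Return {client_ip: [(datetime, path, status, bytes), ...]} for POSTs to feed scripts."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if m["method"] == "POST" and path in feed_scripts:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            size = 0 if m["size"] == "-" else int(m["size"])
            hits[m["ip"]].append((ts, path, int(m["status"]), size))
    return dict(hits)

UA = ('"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) '
      'Gecko/20070309 Firefox/2.0.0.3"')
SAMPLE_LOG = [
    # The two entries quoted in the post.
    f'87.118.120.36 - - [10/Feb/2009:10:13:17 +0800] "POST /wp-atom.php HTTP/1.1" 200 44 "-" {UA}',
    f'87.118.120.36 - - [10/Feb/2009:10:13:19 +0800] "POST /wp-atom.php HTTP/1.1" 200 5 "-" {UA}',
    # Constructed benign traffic: a feed reader's GET and an ordinary comment POST.
    '192.0.2.10 - - [10/Feb/2009:10:14:02 +0800] "GET /wp-atom.php HTTP/1.1" 200 5120 "-" "FeedReader/1.0"',
    '198.51.100.7 - - [10/Feb/2009:10:15:40 +0800] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, events in suspicious_feed_posts(SAMPLE_LOG).items():
        for ts, path, status, size in events:
            print(f"{ip} {ts.isoformat()} POST {path} -> {status}, {size} bytes")
```

The per-IP grouping gives the timestamps and response sizes needed for an abuse report to the address's network operator or for a conversation with the web host.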