Symeon Mattes
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Security hole in wordpress 3.1.3Thanks for the plugin…I will check this and the others that JusticeIsMade proposed and I will come again.
Could you please describe me the result of the hacking? What I had for instance was the following:
- A new post was published
- wp_options was totally changed
- all the theme files I had had been changed. The strange thing was that the style.css had html code inside
- Every time I was loading the front page I had javascript errors. This resulted in the browser (ie,chrome,firefox) not to respond, e.g. I couldn’t select text, or open firebug, etc
I have kept the hacked database and files and I will try to check it this Weekend. The team which had hacked by website was called AHG-Crew and this is supposed their logo video (http://www.youtube.com/watch?v=j2QBul0RQnU).
I will inform you if I find anything.
Best Regards
Forum: Fixing WordPress
In reply to: Security hole in wordpress 3.1.3Hi mannyreyes,
Have noticed any strange behavior at the time you were hacked? I’m saying this because the time I was hacked the CPU/RAM level started increasing rapidly. To tell you the truth first I noticed this strange behavior of the server and then I got suspicious and I checked the site.
I don’t think it has to do with vulnerability of the server because in the same server resides also some other websites and they were kept untouched.
I’m trying to check the log files and any strange behavior at the time of hacking since it seems that the CPU/RAP increase is relevant.
If you think you have any information, it would be wonderful
Best Regards
Forum: Fixing WordPress
In reply to: Security hole in wordpress 3.1.3Thanks…I will check them.
I still didn’t understand how to inject a database by just forgetting a semicolon…since it’s just for separation of sql commands…
Never mind…I will check the plugins…Is it possible to check a php script for vulnerabilities. Are there any tools?
Thanks again
Forum: Fixing WordPress
In reply to: Security hole in wordpress 3.1.3Moreover…what do you mean “For a sql injection you only need a forgotten ; at the end of one table.”
Could you give me an example?
Forum: Fixing WordPress
In reply to: Security hole in wordpress 3.1.3Hi JusticeIsMade,
Thanks for your reply.
A small correction. The version I was using was 3.1.3 and I upgrade it to 3.1.4 (Sorry for the misunderstanding).
I’m pretty sure that it was SQL injection but I’m just trying to understand in which part of the code.
Thanks
The best translation manger plugin for wordpress is according to my opinion wpml. It seems to be well written, but it’s only for basic things, i.e. translating your posts from one language to another, and that’s it.
I think the best choice is to have a totally new database without overloading your system with extra plugins.
For newsletter campaigns I prefer more professional solutions, which however most of the times cost a lot. Though, http://mailchimp.com/ is one of the best email marketing manager and moreover it’s free for the first 2000 users and newsletters once per day. There are also a plugin for wordpress, but mailchimp gives you the code you would need in order to include it in your site
I don’t think there is. I think that this plugin is only useful in simple situations, like translating your posts to different languages. Otherwise the best solution is to have a totally different database.
Even if they make it work with wpml, there are some other modules that do not. For instance I use also the Facebook connector, and I would like to sent each post to different facebook/twiter accounts according to its language.
What do you mean if the widget-login plugin supports PHP? I had a problem translating the title of a plugin I used, i.e. Tabbed Widgets.
Thanks again for your reply…
Forum: Fixing WordPress
In reply to: Influence the LoopOk…thanks…it worked