BPWrap - Latest Comments in How Wordpress Blogs Are Hacked | BPWrap

Re: How Wordpress Blogs Are Hacked | BPWrap

Barry Welford — Thu, 10 Jul 2008 09:01:26 -0000

I would still strongly recommend using WordPress rather than Blogger. What you gain with functionality and SEO far outweighs the small amount of effort required to maintain a high security level.

Re: How Wordpress Blogs Are Hacked | BPWrap

Web Hosting Hints — Thu, 10 Jul 2008 02:23:05 -0000

Wow, what a revelation. I was still using blogger for my blogs. I was searching for info. on wordpress. I want to get into it. After reading this, I'm a little bit more cautious.

Re: How Wordpress Blogs Are Hacked | BPWrap

r3ck0rd — Mon, 07 Jul 2008 11:42:42 -0000

I don't know if "spamming" considered as hacking.
I would recommend Yawasp against spamming by the way. (Admin note: Yawasp is in German.)

Re: How Wordpress Blogs Are Hacked | BPWrap

Barry Welford — Sat, 05 Jul 2008 12:53:18 -0000

There is always the possibility that a plugin has not been made as securely as it should. It's important to stay aware of developer comments about plugins and watch out for security loopholes. Normally the most popular ones should not give problems.

Re: How Wordpress Blogs Are Hacked | BPWrap

Web Design Philippines — Sat, 05 Jul 2008 06:13:37 -0000

They said, some plugins that you install in wordpress can hack you? Is that true?

Re: How Wordpress Blogs Are Hacked | BPWrap

Joshton — Sun, 01 Jun 2008 14:44:45 -0000

I think the best way for hackers to hack wordpress is through some sort of injection through the browser URL bar. Before the recent upgrades, XSS (cross ssite scripting) were the most common, especially through the editor.

Re: How Wordpress Blogs Are Hacked | BPWrap

XStrafer's WebPlace — Thu, 08 May 2008 17:32:46 -0000

great ideas! thanks a lot for a good article

Re: How Wordpress Blogs Are Hacked | BPWrap

Barry Welford — Wed, 26 Mar 2008 08:28:51 -0000

Thank you, Lynne. I think they are just the essential 'house maintenance' that we must all get involved with for peace of mind.

Re: How Wordpress Blogs Are Hacked | BPWrap

Lynne Foster — Wed, 26 Mar 2008 08:20:53 -0000

Some excellent tips there - thanks!

Re: How Wordpress Blogs Are Hacked | BPWrap

Barry Welford — Thu, 21 Feb 2008 15:30:47 -0000

I guess an alternative way, Diane, is to allow access only to IPs that you control. I'm not sure whether that blocks people registering.

Re: How Wordpress Blogs Are Hacked | BPWrap

DianeV — Thu, 21 Feb 2008 15:09:49 -0000

I agree, Barry.

I looked through some of the examples at the links you provided. I think one thing that can be helpful is that, if you don't need for people to register, to simple put a password on the wp-admin folder. At least, that's one thing out of the way.

Re: How Wordpress Blogs Are Hacked | BPWrap

Barry Welford — Thu, 21 Feb 2008 09:14:25 -0000

Thanks, Diane. Your two points re database back-up and finding the hole are very sound advice. The latter is sometimes not easy unfortunately.

Re: How Wordpress Blogs Are Hacked | BPWrap

Diane Vigil — Thu, 21 Feb 2008 06:12:35 -0000

Excellent post, Barry.

Your caution about having backups is important; without backups, you're open to all kinds of things happening, including simple error. That would include backing up your database on an ongoing basis, as some hacks may insert stuff in the database.

I also think that, if your WordPress blog gets hacked, it's vital to look into *how* it got hacked so that you can plug the hole.

Re: How Wordpress Blogs Are Hacked | BPWrap

Barry Welford — Wed, 20 Feb 2008 09:47:31 -0000

Thanks for stopping by, Wayne. I would suggest doing a backup just before the weekend: that's a time of higher risk.

Re: How Wordpress Blogs Are Hacked | BPWrap

Wayne Liew — Wed, 20 Feb 2008 04:32:40 -0000

First of all, thanks for the link.

I guess one should always have their blogs backed up. At least even if a hacker is smart enough to break though every barrier that we have set up, we still have something to fall back onto.