OT: Decrypting PHP preg_replace Strings
J. Landman Gay
jacque at hyperactivesw.com
Mon Dec 26 00:43:29 CST 2011
On 12/25/11 9:28 PM, Sivakatirswami wrote:
> We have hackers on our web server getting in thru one Domain... I think
> there is a whole in WordPress.
My hosting provider, JaguarPC, just released this notice four days ago.
Sounds like a similar thing.
Wordpress Security Advisory
We are currently seeing a high number of Wordpress installations
being hacked due to out of date scripts, plugins, and themes. The folks
at Wordpress are very good about releasing fixes whenever they hear
about a new exploit. Please take some time to check your installations
and update everything noted in your WP admin panel under Updates
including anything installed such as a theme or plugin that is not
currently being used. Consider removing unused items for better security.
Wordpress 3.3 was just released as well as updates for their 2
Now is also a good time to harden the security of your blogs. There
are lots of things you can do to protect your blogs from hacking.
WPsecure has tips and info on recent exploits. See also Hardening
WordPress « WordPress Codex . Many more tips are available by using
search engines to search for "securing wordpress". A little time spent
now on this can prevent huge headaches and downtime in the future.
There are numerous security plugins you can install such as Login
Lockdown, WP Security Scan, and Mute Screamer. I highly recommend them.
Before making any changes, be sure to make a full backup of your
account in your control panel under Backups. Wordpress users should also
be doing routine database backups either with a cron job or a plugin
named WordPress Database Backup. The database is the heart and soul of
any blog. Scripts can easily be reinstalled but not lost data without
Jacqueline Landman Gay | jacque at hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
More information about the use-livecode