Filed under: Security, Blogging, Web services, Web
WordPress has become a victim of its own popularity. The blogging-based content management system powers a huge amount of websites, and has become a target for hackers. Site hacks have been around for a long time, but recently they seem to have evolved.
In the past hackers would gain control of a site just to prove that could, then typically post a quasi-incoherent message on the site to prove their hacking prowess and illiteracy. Now hackers have become more advanced, and hacking has become financially motivated. Hacks include embedding links (some hidden, some not) for the purposes of gaming search engines, and instead of crowing about their conquest, hackers are now trying to hide and cover their tracks as much as possible.
This means that site owners are losing their confidence that their sites have not been compromised. With recent highly publicized exploits that allowed hackers to take control of out-of-date WordPress installations, it became even more important to make sure your site is clean.
If you're running a WordPress site on your own server, one step you can take to make sure that it is clean is to install and run the WordPress Exploit Scanner plugin. Beware, the exploit scanner is very thorough, and it will likely report a lot (and I mean a LOT) of false positives. It essentially reports any hiding behavior, which some of the plugins on your site might be doing for very normal reasons.
Even with the false-positives, the WordPress Exploit Scanner is a useful tool in any blogger's toolbox.
WordPress Exploit Scanner helps you keep your install clean originally appeared on Download Squad on Mon, 02 Nov 2009 09:00:00 EST. Please see our terms for use of feeds.
Read | Permalink | Email this | Comments
No comments:
Post a Comment