Not sure how often you frequent this little site o’ mine, but earlier this week it got hacked. It was nasty. So in order to combat these sorts of attacks, I’ve decided to arm myself:
Okay, so I’m not arming the ANIMALS. I’m still rebuilding stuff slowly but the site is functioning so we can move on with business as usual. For those of you with a Wordpress blog installed on your site, I strongly recommend deploying security plug-ins. Here are a few I think work well. Web nerds, feel free to add on to this post.
Secure Wordpress
AND BY ALL MEANS, BACKUP YOUR DATABASE!! Take it from a jerk who knows.
Thanks for the links!
Hadn’t heard of Firewall or Secure Wordpress, but they look good. Armed woodchucks are a good security measure, but their union is impossible to clean up after.
My name links to a great article with security tips and some more recommended plugins. I recommend all those plugins, although the file monitor may need tweaking, as it sends out a lot of alerts with the default settings. I also haven’t tested Login Lockdown(mentioned in article), but it looks just like Limit Login Attempts, which I love.
If anybody reading this doesn’t know, you can search for these plugins right from Wordpress’s one-click install feature. If “add new” isn’t under “Plugins” in your admin sidebar, you need to upgrade Wordpress immediately, because keeping WP up-to-date is your first line of defense.
I also recommend Wordpress Database Backup, and make sure your password is at least 42 Disney characters long(or something like that).
I do believe my last comment was sent to moderation. If you fish that out, it has some recommendations.
I believe my last comment was sent to moderation. If you fish that out, it has some recommendations.
Ahh, the joys of open-source software… did you, perchance, inform the Wordpress people about this? If it’s a security hole in WP, they might want to know about it.
I did notify Tyler at Comicpress. As far as Wordpress, their response was to apply the plug-ins I mentioned. LOL
“So, you’re saying werewolves kicked the barn door off the hinges and have eaten all your cows? Uhhh… here’s a padlock, dude. Look, it’s shiny!”
Wow, so that’s what happened! Thanks for the links. I just downloaded them and did a website back-up. That’s not even something that entered my mind before. Glad to see Pinkerton is up again…
Also look into Bad Behavior and making sure you update your WordPress install ASAP after new versions come out. People get scared to upgrade for fear of breaking plug-ins, but often the new version fixes a security hole.
Anf what happened to Th3rdWorld? They’ve been down since last night, showing an index of two zerolength favicon files like their entire site was erased.
I’m sorry to hear you got hacked! For the last couple of days I’ve been bumping up my sites security, been lucky so far. *knock on wood* Another good thing to do is change the standard “admin” user name to something else.
We think the problem with Th3rd World is actually DNS related and how their URL is pointing. There are a lot of great plug-ins out there for wp security. But by all means, don’t forget to back up your stuff.
I really dig what you write on here. We try and check it every day so keep up the good posts!