A nasty attack was found exploiting security holes in previous versions of the blogging software, creating a new “hidden” Administrator account and getting right down to the database level. These attacks are said to be “growing by the hour”. Lorelle (who first discovered it) writes:
There are two clues that your WordPress site has been attacked.
There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”
The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account.
All users are advised to upgrade to the latest version of WP, while those already affected are in for a trying weekend: you’ll likely need to export all your content with the built-in WordPress XML export, uninstall and reinstall WordPress, and re-import the content. It’s a nasty attack that goes all the way into the database, so exporting the database will export the hacked code too.
For those unaffected: UPGRADE TODAY !
For those affected: the WordPress community is here to help.
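A defender-side check for the two clues quoted above, as an added example that is not part of the original post or of WordPress itself: it decodes permalinks and flags any carrying eval(base64_decode(...)), and lists Administrator-role accounts the owner does not recognise. The permalink list, user table and the set of known admins are constructed sample input.

```python
"""Scan WordPress data for the two indicators described in the post.
Added example; sample data below is constructed, not taken from a real site."""
import re
from urllib.parse import unquote

# The injected rewrite rule appears URL-encoded in the permalink; decode twice
# so a double-encoded variant is caught too, then look for the payload call.
INJECTION = re.compile(r"eval\s*\(\s*base64_decode", re.IGNORECASE)


def permalink_is_suspicious(url: str) -> bool:
    """True if the permalink contains an eval(base64_decode ...) payload."""
    return bool(INJECTION.search(unquote(unquote(url))))


def suspicious_admins(users, known_admins):
    """Return Administrator-role logins that are cloned-looking or unknown.
    `users` is a list of (login, display_name, role) tuples."""
    hits = []
    for login, display, role in users:
        if role != "administrator":
            continue
        cloned = display.startswith("Administrator (")  # e.g. "Administrator (2)"
        if cloned or login not in known_admins:
            hits.append(login)
    return hits


def scan(permalinks, users, known_admins):
    """Combine both checks into one list of findings."""
    findings = [f"permalink: {u}" for u in permalinks if permalink_is_suspicious(u)]
    findings += [f"user: {u}" for u in suspicious_admins(users, known_admins)]
    return findings


# Constructed sample input: one clean permalink, one with the injected rule
# quoted in the post, and a user table containing a hidden second admin.
SAMPLE_PERMALINKS = [
    "http://example.com/category/post-title/",
    "http://example.com/category/post-title/%&(%7B$%7Beval(base64_decode"
    "($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/",
]
SAMPLE_USERS = [
    ("admin", "Administrator", "administrator"),
    ("admin2", "Administrator (2)", "administrator"),
    ("jane", "Jane", "editor"),
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_PERMALINKS, SAMPLE_USERS, known_admins={"admin"}):
        print("SUSPICIOUS", finding)
```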
Update:
WordPress has responded to news today that outdated versions of the popular blogging software are vulnerable to a new attack. The attack affects only self-hosted versions of WordPress, not those at WordPress.com. The organization’s advice is simple: if you aren’t using the most recent version (2.8.4), upgrade now to avoid problems.
This isn’t really a problem with WordPress: those who have been upgrading regularly, as advised, are not affected. And WordPress has made it increasingly easy to upgrade, now just requiring a single click.
WordPress founder Matt Mullenweg writes of the vulnerability:
2.8.4, the current version of WordPress, is immune to this worm. (So was the release before this one.) If you’ve been thinking about upgrading but haven’t gotten around to it yet, now would be a really good time. If you’ve already upgraded your blogs, maybe check out the blogs of your friends or that you read and see if they need any help. A stitch in time saves nine.
…WordPress is a community of hundreds of people that read the code every day, audit it, update it, and care enough about keeping your blog safe that we do things like release updates weeks apart from each other even though it makes us look bad, because updating is going to keep your blog safe from the bad guys. I’m not clairvoyant and I can’t predict what schemes spammers, hackers, crackers, and tricksters will come up with in the future to harm your blog, but I do know for certain that as long as WordPress is around we’ll do everything in our power to make sure the software is safe. We’ve already made upgrading core and plugins a one-click procedure. If we find something broken, we’ll release a fix. Please upgrade, it’s the only way we can help each other.
Coming to you:
Are you affected? Or do you know someone who is going through serious WordPress issues? We’re here to help! Let us know via comments! Don’t forget to re-tweet and help others know!
September 6th, 2009 at 11:11 pm
When I first heard about this, I thought it applied to the current version of WordPress (2.8.4), but seeing now that 2.8.4 is secure from this attack, I’m feeling much safer.
.-= Klaus @ TechPatio´s last blog ..23 MacBook Pros, 14 iPhones And 9 iPods Stolen In 31 Seconds =-.
September 7th, 2009 at 3:17 pm
Thank you for such a good update.
.-= Hakeem – technology and gadgets´s last blog ..Video: Slim, wireless, LED-backlit Sony ZX5 LCDs prepped for November release =-.
September 9th, 2009 at 1:38 pm
Doing well to update the readers.
.-= Morgan | r4´s last undefined ..If you register your site for free at =-.
September 10th, 2009 at 10:10 pm
That is very scary. I’ve got about 20 blogs that are not up to date… I guess I’d better go update them fast. Thanks for letting me know!
.-= Alex @ Storm Shadow Costumes´s last blog ..Kids and Adults Storm Shadow Halloween Costumes =-.
September 30th, 2009 at 1:04 am
It is strongly recommended to upgrade WordPress to the latest version, i.e. WordPress 2.8.4. There are many bloggers still using the older versions. They should take this notice very seriously and do it ASAP. Thanks buddy for sharing this info here.
.-= Sanjeev´s last blog ..Download Chrome OS (Unofficial) Free Operating System From Google =-.