I haven’t posted anything this whole month because one of my servers got hacked and I’ve spent the last three week working on a new plugin to scan and remove malicious software from my server.
It wasn’t enough for me to just remove the hack. I had to make sure it wouldn’t come back and because it was such a widespread exploit I thought it would be good to release a plugin for other website admins to check their site for themselves.
I looks like my infestation of nasty scripts came in through a vulnerability in an older version of timthumb.php. Apparently any version older that 2.0 can be used to place a file on the server. If that file is a back-door of some kind then the person who put it there could have full access to your server.
I’m still testing and working out the kinks in my security scanner but it should be ready soon…
Related Posts by Tags
- New plugin – EZ Google Analytics (Oct 8th, 2014)
This plugin includes your Google Analytics tracking code on your pages and posts.
Download it here: wordpress.org
- Happy Birthday Blog (Oct 8th, 2012)
This Blog is one year old today. Now I can use the SMALY Widget that I wrote for the SHH Blog on this Blog. You can see links to my one-year-old posts on the sidebar under "THIS TIME LAST YEAR".
- Finally available in the WordPress Repository (Aug 29th, 2012)
I went ahead and released this Widget as is. I was hoping to get a sponsor for it's release but it looks like it will just be another free plugin that I work on in my "spare" time.
You can ...
- A New WordPress Widget for SHH Blog (Apr 4th, 2012)
I just created a small Widget for the SHH Blog that runs a simple query to find posts posted around the same time last year.