security

You are here:
breaking in
Looks like there has been another attack on GoDaddy hosted WordPress blogs just this weekend. According to BlogcastFM, the “hack appears to redirect visitors upon arrival from Google and attempts to install malware on their computers.” Sid gives you advice on how to recognize and fix the hack at Warning! Massive Number of Godaddy Wordpress Blogs Hacked This Weekend. How to get rid of malware on your PC This explains why my desktop PC and netbook were infected with the myblindstudioinfoonline.com malware this weekend. Every time I opened up my browser (both IE and Firefox), a fake Windows-style page would show up telling me I had a virus and needed to download a program.
Odd files Now that the files are updated take a look in Smart FTP for anything unusual. Sort the files by date modified. You will most likely find a strange file or two. Compare the file list to the new versions you just uploaded. You could find odd files like “index.main.php” and other strangely worded index and cat pages. Double check that the “odd” files they are not part of the WordPress download and then delete them. Take a look at your .htaccess file in your root. It should only have this unless you are using some plugins like wp-cache that would re-write it. Even so, those plugins should clearly identify themselves. The code should be: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
Copyright-symbol
We’re 20 days into the new year. Have you changed the copyright date on your blog yet? (I just did it yesterday on both my personal blogs and the blogs here at Mom Central. Oops.) According to Brad Templeton in his post, 10 Big Myths About Copyright Explained, “almost all things [including blogs] are copyrighted the moment they are written, and no copyright notice is required.” Still, it looks more professional if have a copyright notice somewhere on your blog – either in the sidebar and/or on your about page.
Take preventive measures to protect your WordPress blog So besides backing up, what can you do to protect yourself from getting hacked into and hijacked? Hetal and Anuja at Show Me the Curry, who have had numerous attempts on their site, offer this advice for people with self-hosted WordPress blogs: