One of the issues I help clients with is repairing hacked content and preventing future occurences — I received an email from a prospective client the other day – a wordpress site had been exploited with some pornographic content and they needed help.
With WordPress, as with most web services, there are 3 primary attack vectors: the web code, the database, and the underlying host. The most common WordPress exploits take advantage of relaxed permissions and insecure coding practices in the theme or plugins that are installed. Many WordPress hacks can be prevented through timely patching, complex passwords, and the use of reliable and supported themes and plugins.
This particular installation had been using a theme that was no longer supported and had at least one very serious remotely exploitable vulnerability reported on it.
Lessons learned:
- keep it up to date
- protect your data through
- complex passwords
- good filesystem permissions
- do not run as root
- do not allow remote access to mysql (port 3306)
Leave a Reply