Wordpress Sites Compromised?

I was reading a post from ipower.com's Facebook page, thought it might be of interest:

- - - - - - - - - -
To all customers whose Wordpress site has recently been compromised:



Through our research we have found that we were one of many hosting solutions whose customers' Wordpress sites may have been compromised. That research shows that someone is using a script or application that allows them to read your wp-config.php file and compromise the database with the information from that file. This allows them to inject information into your Wordpress database including, but not limited to, links to malware sites and other malicious scripts.



There are several options that would allow you and the other compromised sites to protect yourself. One would be to write some additional code into the .htaccess file protecting the wp-config.php file. (Advanced users only.) Another would be to change the wp-config.php file's permissions to something like 640 as a protection measure. (Advanced users only.)



The best solution we can recommend, however, would be to add a firewall plugin to your Wordpress. The one recommended to us is the WordPress Firewall 2 plugin available at http://wordpress.org/extend/plugins/wordpress-firewall-2/. This should block that application from seeing your configuration. We've tested it on a few sites our agents use and it has not had any ill-effect on their site's visibility or accessibility.



If you still have the malicious links on your site at this time, please submit a ticket in the Support area of your Control Panel. Please use the Subject line: "Compromised Wordpress Installation" to allow us to identify and address these tickets as quickly as possible.



Additionally, it is our recommendation that you update your Control Panel and FTP passwords to new, different, and secure passwords. You should also update both the database user and the password connected to that user to something new, different, and secure.



If you have any additional questions or concerns, please leave a comment here, contact our support at (888) 511-4678, or submit a ticket through the Support area of your Control Panel.



Thank you,

IPower

- - - - - - - - - -
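The two manual mitigations the iPower notice mentions (an .htaccess rule for wp-config.php and mode 640), as an added shell example that is not part of the original posts or iPower's own code. The function names, the marker comment and the site-directory argument are assumptions, as is an Apache server that honours .htaccess overrides.

```shell
#!/bin/sh
# Added example: apply the notice's two manual mitigations to one WordPress directory.
# Assumptions: Apache honours .htaccess here; names below are illustrative.

MARKER='# BEGIN wp-config protection'

# Print a file's octal mode (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed if the "other" permission digit is non-zero (e.g. 644, 666).
world_accessible() {
    mode=$(file_mode "$1") || return 2
    case "$mode" in
        *0) return 1 ;;
        *)  return 0 ;;
    esac
}

# Set wp-config.php to 640 and append a deny rule to .htaccess once.
harden_wp_site() {
    site=$1
    cfg="$site/wp-config.php"
    [ -f "$cfg" ] || { echo "no wp-config.php in $site" >&2; return 1; }
    if world_accessible "$cfg"; then
        echo "$cfg is mode $(file_mode "$cfg"); changing to 640"
    fi
    chmod 640 "$cfg" || return 1
    ht="$site/.htaccess"
    if [ -f "$ht" ] && grep -qF -- "$MARKER" "$ht"; then
        return 0   # rule already present, keep the file unchanged
    fi
    cat >> "$ht" <<EOF
$MARKER
<Files "wp-config.php">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</Files>
# END wp-config protection
EOF
}

if [ "$#" -gt 0 ]; then harden_wp_site "$1"; fi
```

Mode 640 only works when PHP runs as the file's owner or as a member of its group; otherwise WordPress itself can no longer read the file.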
Great post. I'm not hosted there, but worth having a firewall plugin just in case.