i better get a better door lock.

I was surprised because we had taken every security measure prior to this attack (with the exception of removing the generator tag — oops! — meant to do that but forgot on one of the templates). We had renamed the table prefix, had limit login attempts and the SEO WP Firewall plugins installed, were using limited plugins, did not use admin for username and had very strong passwords.

I’m reading these comments to see what I can do to scan to find out what caused the hack. Of course, Network Solutions was completely unresponsive and unavailable by phone, so it’s quite frustrating to watch hour by hour a hacker logged into your site and changing files (even after we changed all the passwords AGAIN and updated to 2.9.1). At one point, I changed the permissions on the themes folder, and the hacker promptly responded by deleting all my theme’s files. He was definitely watching my every move and responding in kind to my various attempts to block — in a personal not robotic way. Very creepy and annoying since I couldn’t get through to Network Solutions after being on hold for more than 30 minutes with no sense of a queue and just repetitive playing of Pachelbel’s Canon. I think they do that to encourage you to hang up.

(And this is coming from someone who loves Drupal far more than WordpresS)

See here: http://ottodestruct.com/blog/2009/hacked-wordpress-backdoors/

How many WordPress sites are there? How many Drupal sites?

Thought experiment: You’re a malware author. What do you target?

Anyway, kudos to WordPress for the one-click upgrades of everything – core, plugins, themes. This process is so painful with Drupal!

many design and webdevelopment type sites have regular compiled lists of free themes and I have taken a couple apart and some had the encrypted string in the footer file

The most important thing about any CMS is to stay up to date.

I use the WP Security Scanner plugin on all of my WordPress sites, and I seem to keep relatively hack free. By relatively, I mean that there are hacking attempts, but they never get very far. Is this a plugin you would recommend for everyone, or is there another as well?

I am also a Drupal user, but am willing to take the risk with WordPress because of its user-friendly backend and its SEO and SMO superiority. If we as developers are using FREE software, we should be privy to the responsibility and risk that comes with it.

Thanks for all you do, Matt!!

apparently it is to keep unscrupulous people from editing out the credit in the footers of themes, but in most cases it carries nasty backdoor entries into your wp install and ultimately the servers on which your blog is hosted

so stick to either the themes from wordpress.org or pay someone to customize or design your desired theme from scratch

just my 0.002 :)