Filed under: Security, Blogging, Web services, Web
WordPress Exploit Scanner helps you keep your install clean
WordPress has become a victim of its own popularity. The blogging-based content management system powers a huge amount of websites, and has become a target for hackers. Site hacks have been around for a long time, but recently they seem to have evolved.
In the past hackers would gain control of a site just to prove that could, then typically post a quasi-incoherent message on the site to prove their hacking prowess and illiteracy. Now hackers have become more advanced, and hacking has become financially motivated. Hacks include embedding links (some hidden, some not) for the purposes of gaming search engines, and instead of crowing about their conquest, hackers are now trying to hide and cover their tracks as much as possible.
This means that site owners are losing their confidence that their sites have not been compromised. With recent highly publicized exploits that allowed hackers to take control of out-of-date WordPress installations, it became even more important to make sure your site is clean.
If you're running a WordPress site on your own server, one step you can take to make sure that it is clean is to install and run the WordPress Exploit Scanner plugin. Beware, the exploit scanner is very thorough, and it will likely report a lot (and I mean a LOT) of false positives. It essentially reports any hiding behavior, which some of the plugins on your site might be doing for very normal reasons.
Even with the false-positives, the WordPress Exploit Scanner is a useful tool in any blogger's toolbox.
I don't know if this is a labor of love or merely the brainchild of four very gifted games designers, but Level Up is a really weird mash-up of gaming elements that you have probably never seen in a Flash game before.
Let's start with the premise itself: Groundhog Day meets Memento. The game experience revolves around 'days': you explore the world and the clock slowly ticks towards the evening. You bounce around picking up gems and talking to the denizens of 'Level Upland'. Eventually you feel tired and head back to ...
Reader Comments (Page 1 of 1)
Michael Argast said 12:32PM on 11-02-2009
Considering that we (Sophos) discover a new infected web page every 3-4 seconds, and a huge number of these are compromised blogs running stock software (such as Wordpress) this is definitely a step in the right direction. It would be great if this sort of functionality were included by default - I'm sure that many people will be unaware of the availability of these tools.
Michael Argast, Security Analyst, Sophos
Reply