Filed under: Security, Blogging, Web services, Web
WordPress Exploit Scanner helps you keep your install clean
WordPress has become a victim of its own popularity. The blogging-based content management system powers a huge amount of websites, and has become a target for hackers. Site hacks have been around for a long time, but recently they seem to have evolved.
In the past hackers would gain control of a site just to prove that could, then typically post a quasi-incoherent message on the site to prove their hacking prowess and illiteracy. Now hackers have become more advanced, and hacking has become financially motivated. Hacks include embedding links (some hidden, some not) for the purposes of gaming search engines, and instead of crowing about their conquest, hackers are now trying to hide and cover their tracks as much as possible.
This means that site owners are losing their confidence that their sites have not been compromised. With recent highly publicized exploits that allowed hackers to take control of out-of-date WordPress installations, it became even more important to make sure your site is clean.
If you're running a WordPress site on your own server, one step you can take to make sure that it is clean is to install and run the WordPress Exploit Scanner plugin. Beware, the exploit scanner is very thorough, and it will likely report a lot (and I mean a LOT) of false positives. It essentially reports any hiding behavior, which some of the plugins on your site might be doing for very normal reasons.
Even with the false-positives, the WordPress Exploit Scanner is a useful tool in any blogger's toolbox.
So, just how good at time waster games are you? Think you've got the stuff? Well, The World's Hardest Game 2.0 doesn't think you do.
Yes, amazingly, it's possible to have a sequel to a game called "The World's Hardest Game". It doesn't seem logically possible, since if the first one was actually the world's hardest, how could another one come along and share the moniker? It made me doubt the name in the first place. That is, until I tried the game.
The mechanics of the game are very simple. You are a small red square, ...
Reader Comments (Page 1 of 1)
Michael Argast said 12:32PM on 11-02-2009
Considering that we (Sophos) discover a new infected web page every 3-4 seconds, and a huge number of these are compromised blogs running stock software (such as Wordpress) this is definitely a step in the right direction. It would be great if this sort of functionality were included by default - I'm sure that many people will be unaware of the availability of these tools.
Michael Argast, Security Analyst, Sophos
Reply