After reading through a few long threads about Wordpress Security I think it is safe to say it can be a huge problem for a lot of us using Wordpress. Especially for the people who aren't technical savvy. I came across a post about another issue you have to worry about for your Wordpress sites. Now, this kind of issue is a scary one. You could have your install locked up like Alcatraz and you still aren't completely safe from exploits. Although this has probably been discussed before here I think it is worth bringing up again.
More Wordpress Hack Problems
13
After reading through a few long threads about Wordpress Security I think it is safe to say it can be a huge problem for a lot of us using Wordpress. Especially for the people who aren't technical savvy. I came across a post about another issue you have to worry about for your Wordpress sites.
Now, this kind of issue is a scary one. You could have your install locked up like Alcatraz and you still aren't completely safe from exploits. Although this has probably been discussed before here I think it is worth bringing up again.
If you are downloading themes and plugins you have to be careful who you are getting them from. A site called WPSphere (I am not going to link to it you can Google it to check it out) is releasing free themes with a nasty little twist. They are injecting malicious code into the header files.
This quote is by a guy named Paul Carrol who is a coder who found the exploit in a theme he downloaded.
The lesson in all of this is you need to know what the normal default coding looks like for Wordpress if you want to stand a chance at not having this happen to you. You don't need to be a programmer to go through the files to see if you have anything suspicous in the coding. The malicious code might not always stick out like a sore thumb like this does but get an idea of how Wordpress works to keep yourself safe. You might want to check your sites if you downloaded any themes that weren't from the developers site.
I included a screenshot of what this code looks like.
Now, this kind of issue is a scary one. You could have your install locked up like Alcatraz and you still aren't completely safe from exploits. Although this has probably been discussed before here I think it is worth bringing up again.
If you are downloading themes and plugins you have to be careful who you are getting them from. A site called WPSphere (I am not going to link to it you can Google it to check it out) is releasing free themes with a nasty little twist. They are injecting malicious code into the header files.
This quote is by a guy named Paul Carrol who is a coder who found the exploit in a theme he downloaded.
The lesson in all of this is you need to know what the normal default coding looks like for Wordpress if you want to stand a chance at not having this happen to you. You don't need to be a programmer to go through the files to see if you have anything suspicous in the coding. The malicious code might not always stick out like a sore thumb like this does but get an idea of how Wordpress works to keep yourself safe. You might want to check your sites if you downloaded any themes that weren't from the developers site.
I included a screenshot of what this code looks like.
- Joe721
- mikeyh
- [1] reply
- Michael D
- edynas Banned
- [1] reply
- Michael D
- [1] reply
- mikeyh
- edynas Banned
- [1] reply
- Michael D
- TheRichJerksNet
- edynas Banned
Next Topics on Trending Feed
-
13