My blog - HACKED - then SPAMMED (every post). Hosting company response inside
I'd like to get input from any WF members please...
__________________________________
Text below is what I received from hosting company:
__________________________________
Hello,
The reason for the issue is that the do_trackbacks() function in wp-includes/comment.php does not properly escape the input that comes from the user, allowing a remote user with publish_posts and edit_published_posts capabilities to execute an arbitrary SELECT SQL query, which can lead to disclosure of any information stored in the WordPress database.
Unfortunately the bug still exists in the most stable version of WordPress. They have not come up with a patch for this bug.
And let me clarify that this has nothing to do with the server security settings. Neither can this be prevented with any security feature on the server, because it is an application abuse due to the bug in WordPress.
Many users are reporting this issue on the internet and some open source projects have claimed that they have found a patch for this, but we can't assure whether it works or creates more security issues, because they are not from an authenticated source.
You can refer to this link, WordPress: Information Disclosure via SQL Injection Attack « WordPress « Ars Longa, Vita Brevis, where they have provided a patch for this, but let me clarify that we won't be responsible for this patch. It's not from an authenticated source.
If you still see any link or injection, just run this query in phpMyAdmin, which will remove the link:
==============================================================================================
UPDATE wp_posts SET `post_content` = REPLACE(`post_content`, 'injected string', '')
==============================================================================================
In the above query, replace "injected string" with the string that you want to remove from your domain.
e.g.: UPDATE wp_posts SET `post_content` = REPLACE(`post_content`, '<a href="SPAM LINK">westernunion</a>', '')
Also, when you install a new plugin or theme in your WordPress, please make sure it is not vulnerable. It's better not to install any plugins from an unauthenticated source.
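The host's cleanup query rewrites every row of wp_posts, whether or not it contains the injected string, and gives you no way to see what it touched. Below is an added example (mine, not the host's and not part of any WordPress code) that models the same cleanup against a tiny constructed copy of the wp_posts table in SQLite, so it runs offline: it first lists the posts that actually contain the injected string, then runs the REPLACE() update scoped with a WHERE clause so only matching rows are rewritten, and reports how many rows changed. The SPAM_LINK value and the three sample posts are constructed placeholders. The SELECT and UPDATE statements use only INSTR() and REPLACE(), which MySQL also provides, so the same two statements can be pasted into phpMyAdmin against a real wp_posts table.

```python
import sqlite3

# Constructed placeholder standing in for whatever string was injected into the posts.
SPAM_LINK = '<a href="http://spam.example/">westernunion</a>'


def build_sample_db():
    """Build an in-memory stand-in for wp_posts with two spammed posts and one clean one (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE wp_posts ("
        "ID INTEGER PRIMARY KEY, post_title TEXT, post_content TEXT, post_status TEXT)"
    )
    rows = [
        (1, "First post", "Welcome to my blog. " + SPAM_LINK, "publish"),
        (2, "Second post", SPAM_LINK + "Nothing to see here.", "publish"),
        (3, "Clean post", "This one was not touched.", "publish"),
    ]
    conn.executemany("INSERT INTO wp_posts VALUES (?, ?, ?, ?)", rows)
    conn.commit()
    return conn


def find_infected_posts(conn, needle):
    """Detection step: return (ID, post_title) for every post whose content contains `needle`.

    INSTR() is used instead of LIKE so characters such as % or _ in the injected
    string are matched literally rather than as wildcards.
    """
    cur = conn.execute(
        "SELECT ID, post_title FROM wp_posts WHERE INSTR(post_content, ?) > 0 ORDER BY ID",
        (needle,),
    )
    return cur.fetchall()


def remove_injected_string(conn, needle):
    """Cleanup step: strip `needle` from post_content, rewriting only the rows that contain it.

    Returns the number of rows actually updated, which should equal the count from
    find_infected_posts() run just before; a second run should report 0.
    """
    cur = conn.execute(
        "UPDATE wp_posts SET post_content = REPLACE(post_content, ?, '') "
        "WHERE INSTR(post_content, ?) > 0",
        (needle, needle),
    )
    conn.commit()
    return cur.rowcount


def post_contents(conn):
    """Return {ID: post_content} so the result of the cleanup can be inspected."""
    return dict(conn.execute("SELECT ID, post_content FROM wp_posts ORDER BY ID").fetchall())


if __name__ == "__main__":
    db = build_sample_db()
    print("infected before:", find_infected_posts(db, SPAM_LINK))
    print("rows cleaned:", remove_injected_string(db, SPAM_LINK))
    print("infected after:", find_infected_posts(db, SPAM_LINK))
    print("contents:", post_contents(db))
```

Run the SELECT first and keep its output; it is the list of posts you need to re-check afterwards, and the count it returns is what the UPDATE's affected-row count should match. Take a database backup (for example with mysqldump) before running the UPDATE, because REPLACE() cannot be undone, and remember that removing the string only cleans the symptom: the posts will be re-spammed until the vulnerable WordPress install is patched and any credentials exposed through the database are changed.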