If your site uses standalone WordPress (not WordPress.com) and you have not upgraded recently, your site is vulnerable to a new attack that exploits security holes in earlier versions. This attack affects ALL versions of WordPress before 2.8.4. This is why it is so important to upgrade whenever you see that 'there is a new version of WordPress available' notice at the top of your administration screen.
If you're not using the latest version, 2.8.4, you should take a few minutes and upgrade your WordPress immediately. Instructions on how to do this were in the June edition of this newsletter. How do you know which version you're on? You'll see that nag message telling you to update at the top of every admin page.
How do I know if my site's already been attacked?
Two things will let you know - you might see either or both:
- You're seeing strange characters in the page names of your WordPress website, like this: "example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/." The main words to look for are "eval" and "base64_decode."
- A hidden Administrator account has been added. Check under 'Users' to see if there's an account shown there that you don't recognize. If there is, you probably won't be able to easily remove it.
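The two signs above can be checked more systematically than by eye. The following Python script is an added example written for this newsletter, not code from WordPress or from Red Kite: it URL-decodes a list of permalinks (or the request paths in a web-server access log) and flags any that contain an "eval(" or "base64_decode(" call, then compares the site's administrator accounts against the logins the owner expects. The permalinks, log lines and user records are constructed sample data, and the user-record fields (`user_login`, `roles`) are an assumption about how you would export them.

```python
import re
from urllib.parse import unquote

# Indicator strings the newsletter says to look for in page names/permalinks.
# Matched as function calls so ordinary words like "evaluate" are not flagged.
INDICATOR_PATTERN = re.compile(r"(?:eval|base64_decode)\s*\(", re.IGNORECASE)


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Apply URL-decoding until it stops changing (bounded) so that
    single- or double-encoded payloads both end up in readable form."""
    current = value
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def scan_permalinks(permalinks):
    """Return the permalinks whose decoded form contains an indicator."""
    return [p for p in permalinks if INDICATOR_PATTERN.search(decode_fully(p))]


# Request path in Apache/nginx combined log format: "GET /path HTTP/1.1"
_REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')


def scan_access_log(lines):
    """Pull the request path out of combined-log-format lines and return the
    raw paths that contain an indicator once decoded."""
    hits = []
    for line in lines:
        match = _REQUEST_RE.search(line)
        if match and INDICATOR_PATTERN.search(decode_fully(match.group(1))):
            hits.append(match.group(1))
    return hits


def unexpected_admins(users, expected_logins):
    """Return logins of administrator accounts that are not on the owner's list.
    Assumed record shape: {"user_login": str, "roles": [str, ...]}."""
    return sorted(
        u["user_login"]
        for u in users
        if "administrator" in u["roles"] and u["user_login"] not in expected_logins
    )


# --- Constructed sample data (not taken from any real site) ---
SAMPLE_PERMALINKS = [
    "example.com/2009/09/how-to-evaluate-plugins/",  # benign: "evaluate" is not "eval("
    "example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/",
    "example.com/about/",
]

SAMPLE_LOG = [
    '203.0.113.5 - - [05/Sep/2009:10:12:33 +0000] "GET /wp-admin/ HTTP/1.1" 200 4021 "-" "Mozilla/5.0"',
    # Double-encoded variant of the same payload (%257B decodes to %7B, then to "{")
    '203.0.113.5 - - [05/Sep/2009:10:12:40 +0000] "GET /category/post-title/%25%26(%257B$%257Beval(base64_decode($_SERVER%255BHTTP_REFERER%255D))%257D%257D|.%2B)%26%25/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

SAMPLE_USERS = [
    {"user_login": "alice", "roles": ["administrator"]},
    {"user_login": "bob", "roles": ["editor"]},
    {"user_login": "wp_tmp_9f2", "roles": ["administrator"]},  # constructed: not recognised by the owner
]
EXPECTED_ADMINS = {"alice"}


if __name__ == "__main__":
    print("suspicious permalinks:", scan_permalinks(SAMPLE_PERMALINKS))
    print("suspicious requests:", scan_access_log(SAMPLE_LOG))
    print("unexpected admins:", unexpected_admins(SAMPLE_USERS, EXPECTED_ADMINS))
```

Matching on "eval(" rather than the bare word "eval" is deliberate: slugs such as "how-to-evaluate-plugins" would otherwise produce false alarms, while the bounded repeated decoding still catches a payload that has been URL-encoded more than once. Feed `scan_permalinks` the post slugs from your export file and `scan_access_log` your server's access log to check a site that is still online.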
If your site has not been attacked, upgrading now will prevent that from happening. Right now 2.8.4 is being monitored carefully and if any problems begin to appear, WordPress will release a new security update for it.
What do I do if my site has been attacked?
The database is affected. It currently looks like the best approach is to export the post content and comments of the site using the WordPress export tool, completely remove the copy of WordPress, and install the most current version. However, a sure fix is still not provided and the database itself should not be exported.
For more information
For a more in-depth discussion of what's going on with WordPress, here are some resources:
How to Keep WordPress Secure
Old WordPress Versions Under Attack
WordPress Attack Underway
Since this appears to be WordPress month - Win a free book! We're giving away a free copy of one of our favorite books for bloggers, 'Building a WordPress Blog People Want to Read.' To win, answer this question: Self-hosted (standalone) WordPress is the top blogging platform among the top 100 blogs, according to blog indexing site Technorati, used by 27% of them. What percentage does the hosted version, WordPress.com, claim?
- 5%
- 10%
- 25%
The first correct answer wins; send your answer to info@redkitecreative.com.
Contact Red Kite if you have questions about this newsletter or making your WordPress blog more secure.