There are two clues that your WordPress site has been attacked.
There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”
The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account, but Journey Etc. has a possible solution.
WordPress.com blogs are not impacted as they are up-to-date. Only versions prior to WordPress 2.8.4 are impacted.
Otto42 of OttoDestruct, a key WordPress developer and supporter, reports that there is an “attack” on older versions of WordPress right now. The number of sites hit by this is growing every hour. Protect your WordPress blog now: UPDATE NOW!!!
Update your WordPress blog before you continue reading this post. That’s how critical this issue is.
Things You Need to Know Now
Here is what you need to know right now, constantly updated with news as we get it.
UPDATE NOW! Reports are that this attack impacts ALL versions of WordPress up to 2.8.3 and 2.8.4, the most recent release.
NOTE: These tips are for beginning WP developers who are coding themes for their own site, or experimenting with theme development. Most likely, these tips would not apply to custom downloaded themes that are pre-built and probably already have many of these customizations.
Liked it or not, if you have a new wordpress.org blog, then you have to install some plugins to maximize the performance of the blog. Although very easy to install, use this plugin must be tailored to the needs so as not to burden the loading time and not cause problems to the hosting.
From my experience setting up a new blog, I think the following 10 appropriate plugin installed on a new wordpress blog. Surely this is not a minimum amount due at any time can be added if you need the other features according to your blog needs.
You’ve heard how good Wordpress is in terms of expandability, customization and you decided to give it a try. Installing a basic copy of Wordpress won’t take too long; but if you are looking for more stability, traffics, search engine optimization, etc, here’s few of my recommendation – The things you should do after installing Wordpress.
Flash is one of the media to view video files in the post on a website like youtube or metacafe. To post a video on the website, the video can be viewed directly, usually using a script called embed. If you want to use WordPress to build a site that often use flash or embed the video, here are some plugins that can help support you.
NOTE: These tips are for beginning WP developers who are coding themes for their own site, or experimenting with theme development. Most likely, these tips would not apply to custom downloaded themes that are pre-built and probably already have many of these customizations.
Flash is one of the media to view video files in the post on a website like youtube or metacafe. To post a video on the website, the video can be viewed directly, usually using a script called embed. If you want to use WordPress to build a site that often use flash or embed the video, here are some plugins that can help support you.
