Just thought I'd explain what happened yesterday to some customers who have WordPress sites.
WordPress released a new version on the 12th of December. Hackers across the net took their last opportunity to exploit versions below WordPress 3.8, using a brute force attack. Once I had found compromised sites, I then proceeded to prevent the exploit working, which was to get you to log in to your WordPress site, sending them your password! From records, only 1 customer did this, and they already know about it.
WordPress 3.8 has many excellent features, including an automatic update feature (finally, it's a huge thing) and it seems hackers took their last opportunity to launch an attack on the old sites running WordPress.
Sadly some customers' sites were running older versions (even ones that were a few weeks old) and these had a security vulnerability. WordPress updates can be performed by yourselves in the admin area, although often plugins can sometimes not be compatible, so you must test your site first, or take the plunge and revert to a backup if it all goes wrong. Or get a professional to do it. Unfortunately I can't proactively do this for free, as it can take 15-30 minutes a site, assuming no coding changes are required.
That said, I've cleaned, to the best of my knowledge, the damage that was done, updated your WordPress installs, and installed some security plugins to help secure WordPress (including anti-brute-force).
So, for many of you I have changed your WordPress login usernames. If you need to regain access, please drop me a ticket to support@ecommerce-sussex.co.uk.
In response to this, I've ordered a new dedicated server (with solid state discs, which are super fast) and I'll be moving customers over to a newer, more secure system called CloudLinux, and a few other improvements.
For peace of mind, it wouldn't hurt to change your passwords for the following:
- cPanel
- Email accounts (yes, a pain, I know).
- Any other websites which had the same password as your WordPress installation.
They wouldn't have had access to your email password, but if you used the same password everywhere, then definitely change it. Personally, every single password I use is random, and this is why. As complicated as that sounds, use a password manager. I like RoboForm, but there are good alternatives.
If you see anything suspicious on your sites, please contact me ASAP.
Merry Christmas everyone! :)
David
Saturday, December 21, 2013