Archive for April, 2010
WordPress.org responds to ‘security issues’ claim
A rather vexed member of the WordPress.org team has responded to recent ‘security issues’ suffered by WordPress bloggers hosted with Network Solutions:
Summary: A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story…
A properly configured web server will not allow users to access the files of another user, regardless of file permissions. The web server is the responsibility of the hosting provider. The methods for doing this (suexec, et al) have been around for 5+ years.
I’m not even going to link any of the articles because they have so many inaccuracies you become stupider by reading them.
So, just to make it clear: your WordPress installation hosted with Blue Globe is as secure as ever, because we do configure our servers properly. Just in case you had heard any of these security rumours I thought I’d put your mind at rest.
WordPress 1.9.2 Hack to be aware of
Posted by admin in Security Alert, Wordpress on April 12, 2010
We have become aware of a WordPress hack that seems to be affecting WordPress 1.9.2, the current latest version of WordPress. No one seems to be sure how the hack is happening but the effects seem to be (according to ghacks.net):
Attackers either manipulate the blog to spread malware (more recently) or to cloak links that are only visible to search engines
No one seems to have mentioned anything on the WordPress forums, but you can read more on the following blogs:
- Christopher Penn – Find the Latest WordPress hack (this website includes a fix, but not protection, yet)
- WPblogger – Google Cloaking Hack Targeting WordPress
We’ll keep you posted if we get any updates. In the meantime, you might want to install a WordPress plugin like Antivirus for added protection.
WordPress Resources roundup
From now on every Friday we’ll be bringing you the latest web design / social media / WordPress news and resources from around the globe.
Resources and free stuff
- 35 Awesome Twitter Plugins for WordPress – W3 Magazine
- Best WordPress plugins: March 2010 – Ajaxline
- Extremely Useful Comment Plugins for WordPress
- 10 WordPress Plugins That You Didn’t know About -n.design Studio
- 10+ Must have Plugins if You have Multiple Authors in WordPress – gadget cage
- Free download 16 Beautiful web icons
Interesting articles
Expect lots more links next week. For more links as they happen, follow us on Twitter.
-
You are currently browsing the archives for April, 2010
