Comments on: Attack of the Wordpress-Hacking Spam Trackbacks

By: Effe58@gmail.com

Effe58@gmail.com — Tue, 19 May 2009 18:16:22 +0000

I�m managing my friend�s blog, and I found this just a few moments ago. I�m currently logged in as admin. Is there anything to worry about, or is this just another failed SQL injection

By: Jason

Jason — Mon, 24 Nov 2008 01:01:33 +0000

Thanks Sebastian. http://codex.wordpress.org/Users_Authors_and_Users_SubPanel is the official writeup of what you suggest.

@Cody – probably a separate username / password setup in Control panel. Look under protected directories depending on what Cp you use.

@hot gadgets changing the default user name from admin to something else means that the attackers have to look for both a user name and a password which increases the complexity.

If they already know there is a user called admin then part of their problem is solved.

By: azrin

azrin — Thu, 20 Nov 2008 16:27:36 +0000

Actually, someone found a fraud backlink code which disables comments from any IP ranging in the list of Hosting Providers.

Meaning… if IP=(LIST)&REQUEST_URI=WP-COMMENT.PHP then it’s been redirected to another page automatically. Mainly, renaming your wp-comment.php normally solves this issue.(except multi-blogs)

azrin @ http://www.chat.nu

By: Hot gadgets

Hot gadgets — Wed, 05 Nov 2008 19:30:33 +0000

How changing admins solves the problem?

By: Cody

Cody — Sat, 09 Aug 2008 11:10:52 +0000

All of a sudden my WordPress blog is showing a “Restricted Access” popup window asking all visitors to my site to provide a username and password.

Does anyone know is this is some sort of spam attack?

If so, can anyone tell me where to look in my admin panel to fix this?

I posted this question over at the WordPress forum but got no responses and the info I’ve seen in the WordPress troubleshooting forum didn’t clear up my question.

Thanks in advance!

By: Freelocale

Freelocale — Wed, 06 Aug 2008 01:44:15 +0000

People should be sharing more free things like this. Its what keeps the Internet buzzin’.

By: Sara

Sara — Thu, 31 Jul 2008 13:37:33 +0000

spammers are so frustrating.isnt there some way to get rid of them

By: Knowtebook.com

Knowtebook.com — Sun, 20 Jul 2008 10:05:37 +0000

You must change your admins username to secure your blog.

1. create new user and give him admin rights.
2. log out and log in with new user account and delete old admin account. but attention: when deleting the old account it asks you to move your posts to the new account. check yes!

Sebastian
Knowtebook

By: artcoder

artcoder — Wed, 25 Jun 2008 00:11:46 +0000

So is this a WP security hole in 2.5.1 of Wordpress? Or has the hole been plugged up by now.

Can I prevent that SQL injection by disabling trackbacks?

By: pamQ

pamQ — Sun, 08 Jun 2008 05:56:56 +0000

I’m managing my friend’s blog, and I found this just a few moments ago. I’m currently logged in as admin. Is there anything to worry about, or is this just another failed SQL injection?

This is what I got:

‘ AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login=’admin’ and substring(reverse(lpad(conv(substring(user_pass,1,1), 16, 2),4,’0′)),1,1)=’1′ /* | None | IP: 124.217.227.127

None…

None…

Thanks!