Comments on: WordPress users hack – how to detect security breach in your blog user list http://www.majauskas.com/wordpress-users-hack-how-to-detect-security-breach-in-your-blog-user-list Wed, 18 Jan 2012 03:56:37 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Giedrius http://www.majauskas.com/wordpress-users-hack-how-to-detect-security-breach-in-your-blog-user-list#comment-5147 Giedrius Sun, 21 Jun 2009 18:38:00 +0000 http://www.majauskas.com/?p=109#comment-5147 Look in a table called wp_options. Look there for key labeled "plugins" or similar. There will be an array of values with filenames or directories. These files are plugins. If only plugins directory (wp-content/plugins/) are mentioned, the plugin is ok. If the plugin is in different directory, it is bad and should be deleted. Typically, bad plugins have no name and thus are not listed in wordpress admin panel. I would recommend upgrading wordpress to last version. Changing password is good idea as well. Also, some people recommend protecting your admin panel directory using .htaccess, but it will not work if you home PC adress is dynamical (mine is), that is changes once in a while. Look in a table called wp_options. Look there for key labeled “plugins” or similar. There will be an array of values with filenames or directories. These files are plugins.
If only plugins directory (wp-content/plugins/) are mentioned, the plugin is ok. If the plugin is in different directory, it is bad and should be deleted. Typically, bad plugins have no name and thus are not listed in wordpress admin panel.
I would recommend upgrading wordpress to last version. Changing password is good idea as well. Also, some people recommend protecting your admin panel directory using .htaccess, but it will not work if you home PC adress is dynamical (mine is), that is changes once in a while.

]]> By: Daniel D http://www.majauskas.com/wordpress-users-hack-how-to-detect-security-breach-in-your-blog-user-list#comment-5135 Daniel D Fri, 19 Jun 2009 22:06:46 +0000 http://www.majauskas.com/?p=109#comment-5135 Hi G. Found your post. Experiencing the same issue. I'm not that versed in mysql but saw in my wp_user that there are rogue users as well, one named "Wordpress" and another named "Blog." Can I just delete them from the wp_users or is there some other "Clean Up" I need to do? Also... what should I do after that to help resecure the blog? Reload WP files? Change passwords? Any help / advice is appreciated. Hi G. Found your post. Experiencing the same issue. I’m not that versed in mysql but saw in my wp_user that there are rogue users as well, one named “WordPress” and another named “Blog.” Can I just delete them from the wp_users or is there some other “Clean Up” I need to do? Also… what should I do after that to help resecure the blog? Reload WP files? Change passwords?

Any help / advice is appreciated.

]]>