[wp-hackers] [OT] Resources for Defending Against Blog Attacks

jacobsantos at branson.com
Wed Aug 8 16:53:37 GMT 2007


Well, there are auditing tools (free and premium) that will run automatic 
security attacks against your site and give you the results.

As always, you should upgrade any and all applications (whether PHP, C, 
C++, or any other language) to plug holes. WordPress did have and 
probably still has some security issues in the 2.2.0 and 2.2.1 versions. 
Version 2.2.2 (and for the 2.0.x branch) plugged most, if not all, of 
the issues pointed out by some guy. The method would have been able to 
gain hold of the WordPress and delete and whatever.

I would recommend Dreamhost for DDOS, as they will probably handle it 
better (and won't boot your ass for causing it). However, I only 
recommend them because I use them.

Check http://www.planet-php.net for two security professionals, one 
named Chris and the other who manages the Hardened PHP patch. The audit 
tool you will have to search for, but it was also on planet-php and 
still probably is.

There is also a site devoted to securing WordPress that has a free audit 
tool (not as complete as the one above) and tips for securing WordPress. 
I'm sure someone else has the URL, but if not I'll reply once I find the 
links.

You can probably do a Google search and find these yourself. I think the 
best counter action would be to lock down the comments, change 
passwords, disable login, etc. It would be cool if WordPress had this 
feature that you can set by FTPing into the config and lock down the 
site by setting the config to true.

Well, good luck and I would like to hear more about what you do to block 
hackers. I luckily don't do politics (or not enough), probably for the 
reason you mentioned. Since my blog is in my name and my address is 
available by WHOIS, I'm a little bit more wary of speaking out about 
matters that might have my knees broken over.

Jacob Santos
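The config-file lockdown switch Jacob wishes for, as an added illustration that is not code from this list or from WordPress core: one constant in wp-config.php plus a must-use plugin that, while the constant is true, closes comments, refuses comment submissions, and disables the login form and XML-RPC. It assumes a current WordPress with wp-content/mu-plugins/ support; the constant name BLOG_LOCKDOWN and the plugin file name are my own choices.

```php
<?php
// Line to add to wp-config.php (assumed name; set to false to reopen the site):
// define( 'BLOG_LOCKDOWN', true );

// File: wp-content/mu-plugins/blog-lockdown.php (hypothetical file name).
// Must-use plugins load before ordinary plugins and cannot be deactivated
// from the dashboard, so a stolen admin session cannot switch this off;
// only someone with file access (FTP/SSH) can flip the constant.
if ( ! defined( 'ABSPATH' ) ) {
    exit; // Refuse direct requests to this file.
}

if ( defined( 'BLOG_LOCKDOWN' ) && BLOG_LOCKDOWN ) {

    // 1. Every post reports comments and pingbacks as closed, so the
    //    comment form disappears from themes that check comments_open().
    add_filter( 'comments_open', '__return_false', PHP_INT_MAX );
    add_filter( 'pings_open', '__return_false', PHP_INT_MAX );

    // 2. A POST straight to wp-comments-post.php (what a comment storm
    //    script does) is stopped before WordPress processes it.
    add_action( 'pre_comment_on_post', function () {
        wp_die( 'Comments are temporarily disabled.', 'Site locked',
            array( 'response' => 403 ) );
    } );

    // 3. The login page is shut; sessions that already hold a valid cookie
    //    keep working, so the admin who set the flag can still reach wp-admin.
    add_action( 'login_init', function () {
        wp_die( 'Logins are temporarily disabled.', 'Site locked',
            array( 'response' => 403 ) );
    } );

    // 4. XML-RPC is another login and comment path; turn it off as well.
    add_filter( 'xmlrpc_enabled', '__return_false' );

    // 5. A visible notice so readers do not mistake the lockdown for an outage.
    add_action( 'wp_footer', function () {
        echo '<p class="lockdown-notice">This site is temporarily read-only.</p>';
    } );
}
```

Remember that this covers only the application layer; it does nothing against the DDoS or host-level compromise described in the original question.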

Chris Williams wrote:
> I am the (moderately experienced) webmaster for three blogs that are being
> ruthlessly attacked.  I've Googled and searched the WP support forums but I
> feel I need the expertise of the elite company herein.  Please forgive me if
> this is ridiculously off-topic here.
>
> The sites I'm responsible for are owned by three women who speak for women
> and women's issues.  They are being besieged by misogynist idiots.  The
> jerks moved on from truly sick comment storms to DDoS attacks designed to
> chase them from their shared hosts.  That succeeded and I mitigated the
> problem by using a dedicated server, judicious performance tuning (light
> theme, caching, etc.), and some good defenses.  Not only did this help with
> these clowns, but it also had the side benefit of allowing them to easily
> handle Diggs, and mentions in the New York Times.
>
> Then, after a month or so, the attackers moved on to more insidious attacks.
> Recently they managed to chase us from the dedicated host by some other
> means.  Some program got on the server and chewed up all the memory and CPU
> time, grinding the server to its knees despite quite modest web traffic.
> The logs showed nothing funny, there was no logging into the root I could
> uncover, I could find no programs installed in temp directories, etc.
> Without restarting the blog again only to fail quite publicly and
> embarrassingly, I can't analyze the problem in more detail.
>
> We retreated to blogger so I could take the time to move to a new host.  The
> old host was beyond useless, taking as much as three days to respond to a
> simple email request for assistance, running literally ancient versions
> (Fedora 4!) and forbidding me from upgrading, etc. (let me know if you want
> to know their name).
>
> I'm in the process of setting up a new machine on a better host and I need
> advice from the experts here.  I am surely going to run all the requisite
> performance tuning goodies, but I'm looking for more security related help.
> Are there good resources, check-lists, etc. that you know of that will help
> me ensure that this new server will not suffer the same fate?  Even better
> would be some form of audit program that would point out my machine's holes
> and weaknesses.  I'd even be willing to hire a bright star on a contingent
> basis to help in this effort.
>
> As this is clearly off-topic from WP core code, please respond to me
> directly off-list if you can provide any advice and counsel.
>
> Thank you in advance for your help,
> Chris
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers