[wp-hackers] wordpress theme script injection (hosted on dreamhost)
vid at zippykid.com
Sun Oct 31 16:51:32 UTC 2010
try the free wordpress.com account? :) we just want you to stick with
Mladen Adamovic wrote:
> Regarding hosting - I have other websites hosted at my dreamhost account and
> they haven't been hacked hacked so far . That's good otherwise I'll have
> days of work to fix it.
> Godaddy has slow and unresponsive panel comparing to dreamhost - I have some
> websites hosted there as well.
> I understand that some individuals and companies are offering Wordpress
> hosting however for me Blogger could do - and it's free. Since my blog has
> around 25 readers I don't have economical reasons to pay for managed
> wordpress hosting.
> On Sun, Oct 31, 2010 at 4:17 PM, Vid Luther <vid at zippykid.com> wrote:
>> Instead of switching platforms completely, I would recommend first
>> changing hosts, go with mediatemple, godaddy, rackspace, page.ly,
>> wpengine, my company, or even godaddy.. their UI sucks, but their phone
>> support is fairly decent.
>> As for the exploit, it may not be a wordpress exploit, but an ftp
>> attack, as it's just looking for filesystem paths and injecting to it.
>> I'm assuming by default theme footer, you meant twentyten theme, and
>> footer.php ?
>> Mladen Adamovic wrote:
>>> Hi guys,
>>> My wordpress software instance was repeatedly hacked ... running latest
>>> Wordpress source code and being hosted on Dreamhost.
>>> I don't know which exploit it did use and couldn't identify it, but it
>>> adding the following code to my default theme footer.php:
>>> enc =
>>> dec = unescape(enc);
>>> I think I'll have to migrate to Blogger, since I couldn't identify
>>> it did use.
>>> I wanted to drop you an email anyhow since identifying exploits is
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>> Vid Luther
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers