Is Your WordPress Blog Being Hijacked?


Suspicious URLs

I only mention this as there have been several hundred attempts to hijack one of my WordPress blogs recently. I noticed, when checking my statistics, that instead of some people accessing a page using a standard URL – you know, something like:

www.myblog.com/blog/an-interesting-blog-post/

they were using URLs that looked good at the start, but had incredibly long numbers attached to them – the URLs being used looked more like this:

www.myblog.com/blog/an-interesting-blog-post/?;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445445434C4152452040
54207661726368617228323535292C4043207661726368617228343030302920
4445434C415245205461626C655F437572736F7220435552534F5220464F52207 . . .

SQL Injection

Above is an example of someone trying to inject some SQL into a WordPress database so that the WordPress blog running off the database is infected with hundreds of outgoing links to porn or pharmaceutical websites. You don’t normally notice until your Google rankings start to drop.

Today’s article is one that explains what is going on with the latest SQL injection attacks and how to combat them. Keeping your WordPress version updated is a good start. But he also goes into how to check to see if your blog has been spammed. Nasty.
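If you would rather check your raw access log than wait for the statistics page to show it, the script below flags requests whose query string carries the DECLARE / SET / CAST(0x... pattern shown above. It is an added example, not part of the original post: it assumes an Apache/Nginx "combined" format log, and the log lines, IP addresses and hex value in it are constructed placeholders.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in "combined" log format (documentation IPs, placeholder hex).
SAMPLE_LOG = """\
203.0.113.7 - - [19/Aug/2008:17:40:01 +0000] "GET /blog/an-interesting-blog-post/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [19/Aug/2008:17:41:12 +0000] "GET /blog/an-interesting-blog-post/?;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x41414141414141414141 HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
198.51.100.23 - - [19/Aug/2008:17:41:15 +0000] "GET /blog/another-post/?;declare%20@s%20char(4000);set%20@s=cast(0x41414141414141414141 HTTP/1.1" 404 312 "-" "Mozilla/4.0"
203.0.113.9 - - [19/Aug/2008:17:42:30 +0000] "GET /blog/?s=how+to+declare+a+variable HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Client IP, request target and status code from one combined-format line.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')

# Indicators taken from the URL pattern in the post, matched after URL-decoding.
INDICATORS = {
    "declare_variable": re.compile(r"\bdeclare\s+@\w+", re.I),
    "set_variable": re.compile(r"\bset\s+@\w+\s*=", re.I),
    "cast_hex_blob": re.compile(r"\bcast\s*\(\s*0x[0-9a-f]{16,}", re.I),
}


def suspicious_requests(log_text):
    """Return one dict per request whose decoded query string matches an indicator."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        ip, target, status = m.groups()
        path, _, query = target.partition("?")
        decoded = unquote_plus(query)  # %20 and + both become spaces
        matched = sorted(name for name, rx in INDICATORS.items() if rx.search(decoded))
        if matched:
            hits.append({"ip": ip, "path": path, "status": int(status),
                         "indicators": matched})
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged line only means the page was served, not that the SQL ran. The ordinary search for "declare a variable" in the last sample line is not flagged, because the indicators require the `@variable` syntax.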


This entry was posted on Tuesday, August 19th, 2008 at 5:51 pm and is filed under In the office, Security, Wordpress.
