Well that's lovely

Tue, Dec 18 2012 22:51 bradley

The wordpress side of the blog is being rebuilt - again - due to having found a lovely file that allows for GUI access to the server. wp-xml.php

http://blog.hacktalk.net/wso-2-5-shell-released/

Now digging into the root cause and testing/code auditing the rest of the wordpress install.

I don't claim to be an expert in securing wordpress sites by any means, and will certainly be looking to hire someone to do a through review, but trying to keep that site secure is a near full time job some days.

Filed under: Security

# re: Well that's lovely

Wednesday, December 19, 2012 2:12 AM by ZenOne

Susan, I wonder if it might be related to this reported issue?

blog.eset.com/.../malicious-apache-module-used-for-content-injection-linuxchapro-a

# re: Well that's lovely

Wednesday, December 19, 2012 2:21 AM by bradley

We're running WordPress on Windows, so it's not Apache.

THE OFFICIAL BLOG OF THE SBS DIVA

Search

Tags

News

Community

Syndication

Archives

Sharepoint

Exchange

Security

Microsoft Downloads

SBS - Blogs

ISA Server

SBS Team Blogs

Interesting Small Business Blogs

SBS - CRM

Interesting People I know

Patches