Warning: Infected plugins uploaded to wordpress.org
This week it was discovered that unauthorised software uploads were made to the WordPress.org plugins repository and 3 compromised plugins were discovered. Anyone with a wordpress.org account should have been notified (although I have not been yet) to change their password. They are also advising anyone who uses AddThis, WPtouch, or W3 Total Cache plugins and there’s a possibility they could have updated in the past day, to replace with the clean versions. We use wordpress extensively through our businesses and all instances have been checked and verified OK. Incoming search...
read moreSo, your site has been hacked, now what?
A while ago our WordPress based website was hacked and code inserted into the core WordPress and theme files. The code was meant to redirect visitors to a malware site, but even this was broken and it just killed our site instead. We are a small business but try and organise ourselves like the big boys with our approach to technology where it makes sense to do so. We might not have a security monitoring centre and team of system administrators running backups but we take the underlying principles and apply them to our needs. Our site was offline while we recovered and in a few hours we...
read more