Wordpress Hacked

I’ve been hearing a lot of buzz recently about Wordpress sites being hacked, however apart from the occasional tweet I haven’t actually seen any articles describing the problem but then again I haven’t really been looking.

My Wordpress installation is running the most recent version and I assumed it was just one of those security holes that only affected people running older version. I think I might be wrong. I host most of my Wordpress sites with Rackspace and I receive an email from their support saying that they may have found suspicious values in my Wordpress DB. So I got a little worried and started searching a little harder.

Anyway I came across this excellent article about this particular hack and how to find out whether your Wordpress site has been hacked, specifically with the Phara Hack.

http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php

The worrying thing is that is article seems to suggest that nobody knows how the hackers are getting into the Wordpress sites. Although, I guess it could have been a hack from a previous version of Wordpress but just activated now?

It also ends with a link to another excellent article on how to make your Wordpress installation more secure.

http://www.wptavern.com/top-5-wordpress-security-tips-you-most-likely-dont-follow

Luckily I didn’t find any of the tell-tell signs mentioned.

Hopefully you won’t need this information but I thought I mention it anyway,  hopefully Wordpress will find the security holes if there is one and patch it quick and hopefully Wordpress 3.0 will be out soon.