I’ve been hearing a lot of buzz recently about WordPress sites being hacked, however apart from the occasional tweet I haven’t actually seen any articles describing the problem but then again I haven’t really been looking.
My WordPress installation is running the most recent version and I assumed it was just one of those security holes that only affected people running older version. I think I might be wrong. I host most of my WordPress sites with Rackspace and I receive an email from their support saying that they may have found suspicious values in my WordPress DB. So I got a little worried and started searching a little harder.
Anyway I came across this excellent article about this particular hack and how to find out whether your WordPress site has been hacked, specifically with the Phara Hack.
The worrying thing is that is article seems to suggest that nobody knows how the hackers are getting into the WordPress sites. Although, I guess it could have been a hack from a previous version of WordPress but just activated now?
It also ends with a link to another excellent article on how to make your WordPress installation more secure.
Luckily I didn’t find any of the tell-tell signs mentioned.
Hopefully you won’t need this information but I thought I mention it anyway, hopefully WordPress will find the security holes if there is one and patch it quick and hopefully WordPress 3.0 will be out soon.