Comments on: SWX web site spam hack

By: Michael

Michael — Tue, 13 May 2008 08:40:12 +0000

Well, crap it won’t show the html, well anyway, I added one with display:none (no spaces

and copied those two with single quotes instead of double quotes. I hope this makes sense.

By: Michael

Michael — Tue, 13 May 2008 08:38:43 +0000

I added some lines to your code. I noticed my spammer was slightly different. So I replaced your single line with this:

$content = preg_replace(’/.*?/s’, ”, $content);
$content = preg_replace(’/.*?/s’, ”, $content);
$content = preg_replace(’/.*?/s’, ”, $content);
$content = preg_replace(’/.*?/s’, ”, $content);

By: Cronachesorprese » Prova tecnica - Plugin

Cronachesorprese » Prova tecnica - Plugin — Tue, 18 Mar 2008 10:59:27 +0000

[…] none”) si vedono invece nel feedreader. Io almeno con google reader le vedo. Provo questo plugin, speriamo bene. Pubblico questo post anche per vedere se funziona. Non trovo nulla invece per il […]

By: Matthew Keefe

Matthew Keefe — Sat, 16 Feb 2008 20:05:49 +0000

It seems I have also fallen victim to this, but whats weird is my blog is up to date, so much for a perfect world…

Thanks for the tips, it cleared it right up.

By: Ben

Ben — Wed, 13 Feb 2008 17:31:33 +0000

I have been attacked, too. I just upgraded from 2.3.2 to 2.3.3 because some of my readers informed me they couldn’t subscribe. It turns out that there are hidden links after my footer that start with this
font style=”overflow: hidden; position: absolute; height: 0pt; width: 0pt;”

I tried the plugin but unfortunately it didn’t work I am getting desperate to the point where I want to wipe everything off and start from scratch again. I hate spammers.

By: Upgrading to Wordpress 2.3.2 at Aral Balkan

Upgrading to Wordpress 2.3.2 at Aral Balkan — Sun, 13 Jan 2008 18:32:17 +0000

[…] else first before attempting one (which, of course, is absolutely the worst thing you can do, as the recent spam hack on the SWX blog demonstrated so well). I used to dread doing the updates mainly because I just knew something would […]

By: Aral

Aral — Wed, 02 Jan 2008 09:32:44 +0000

@Claus: Intersesting — did you have the theme editor enabled?

@Andrei and @Ash: Thanks for the tips

@Ronny: You’re welcome + Happy New Year!

By: Ronny

Ronny — Tue, 01 Jan 2008 16:18:01 +0000

And suddenly Aral’s pagerank was 7 again
Thx for the plugin and the post man!

Best wishes for 2008
Greets

By: Andrei

Andrei — Mon, 31 Dec 2007 18:46:11 +0000

Hi Aral, we have been dealing with the similar issues on afcomponents.com/blog. There are security holes in at lest 3 of the previous versions of WP. After upgrading to the latest version be sure to disable the remote post and the theme editor.

Cheers,
Andrei

By: Ash

Ash — Mon, 31 Dec 2007 15:02:02 +0000

If you have the means, I highly recommend checking out wordpress from their svn repo. Then when a new version comes out, an update is a simple ’svn switch’ command away. Its harder to set up, but easier for always being up to date in the long run