Do Hackers have nothing better to Do?
 

Just started a new site, and had some good advice about locking it down with more money
how crazy do you need to get with a wordpress site ???????

Cheers
oh

Fuckers hacked my WP Super Cache plugin and injected an iframe that loads outside of the browser's viewable area, img src'd a shitload of websites and youtube videos, made the status bar go nuts, and blasted my speakers with like 30 videos loading all at the same time.

I removed all plugins, installed a new plugin to export my whole site as static html, and said goodbye to wordpress on 50 websites.

This is just since last night.

hey, it pays their bills so its their full time job .

if you cant keep it secure then dont use whatever majority public is using i.e. wp.
drop wp get ghost or something else.

ghost? some cms?

This is why i developed my own cms since wordpress is insecure as fuck.

I installed wordpress this week on a number of sites this is my first week using it and fuck me got hacked in 1st week. I am thinking of only using the guts of it and manually link to what i import with it. http://www.trafficshopping.com

thank you. can you tell smth about it? why it's better than WP, cuz it's less popular and less hacked?

You could look here for alternatives as well: http://www.opensourcecms.com/scripts...category=Blogs .And when it comes to less hacked,dont remember hearing for any other script beside wordpress ever being hacked lol

I had all of my WP sites hacked a few months ago. Everything was updated, security, etc. My host was able to recreate all of my sites and put on WP Security which seemed to fix the hacking issue.

thanks, i'm just reading about ghost now, gonna read about the others.

whats wonder me how to smoothly transfer over 300 posts into new platform :(

also if i would switch i would like to have fast cms, WP is slow sometimes.

apparently it's doeable, found this one: http://www.ghostforbeginners.com/how...ress-to-ghost/

My own cms is fast as fuck.When it comes to others,you might target those scripts which are not using mysql database,as that is one of reason why it can be slow sometime.

Is WP the problem or 3rd party plugins?

People checking this thread may want to check this other thread as well.
Could be related as our site is a wp site.

https://gfy.com/showthread.php?t=1144348

I'm pretty sure a bare WP install is fairly secure. Though there are hundreds of blog platforms to choose from. The problem is this huge movement to make WP into a full scale CMS. It's like webmasters are afraid of hand coding and photoshop now. Everything has to be point and click. The hacking is the price paid for that.

Wow, that is pretty intense. Luckily, we have fared well, though, Charles is very good at securing our shit.

but yeah, WP is quite vulnerable.

Things to note for other users worried about WP security:

1. Pay attention to what folder permissions are being given to certain plugins, if its too insecure, don't use them

2. Keep your plugins and themes UP TO DATE. Use child themes for any customizations so that when updates to themes happen, your site doesn't break.

3. Be weary of any custom Javascript or PHP you do, keep it tight and know what you are doing if it accesses any database(s)

4. Be weary of plugins and themes that are not part of the Wordpress codex (ie, avail right from WP's site). For plugins and themes that you obtain from outside sources, understand what they do, make sure you can trust the company providing them and don't EVER buy from a retailer that is just re-branding and selling the same plugins avail elsewhere.

5. If the source-code is protected, chances are good that the plugin phones-home. Avoid, unless you trust the source.

Really don't have anything better to do. I agree.