http://weblogtoolscollection.com/news/ Weblogtoolscollection News Topic: How to prevent viruses uploaded to wp -blog -header.php? en Tue, 21 May 2013 19:00:39 +0000 http://weblogtoolscollection.com/news/topic/how-to-prevent-viruses-uploaded-to-wp-blog-headerphp#post-2926 Fri, 13 Jun 2008 00:14:29 +0000 gestroud 2926@http://weblogtoolscollection.com/news/ <p>Thanks for the link, donchenko. I appreciate it.</p> <p>Luckily, the virus isn't on my hard drive. It's definitely something someone uploaded to the web host's server. Twelve different sites - with twelve different passwords - were affected. The only thing they have in common is that they are all on the same server - that and the fact that they were hacked. :-S</p> <p>Right now, I'm looking for every resource available to make it as difficult as possible for my sites to be hacked again. And I'm also sharing the info that someone is targeting wp-blog-header.php files for attacks. </p> http://weblogtoolscollection.com/news/topic/how-to-prevent-viruses-uploaded-to-wp-blog-headerphp#post-2918 Tue, 10 Jun 2008 13:49:15 +0000 donchenko 2918@http://weblogtoolscollection.com/news/ <p>Maybe its a virus on your computer.</p> <p>Here is description one of them <a href="http://www.viruslist.com/en/viruses/encyclopedia?virusid=147349" rel="nofollow">http://www.viruslist.com/en/viruses/encyclopedia?virusid=147349</a></p> <p>This virus steal passwords from many soft and can use them to upload virus code into your sites.</p> <p>Check your computer with antivirus, and try to change all password, FTP password, Hosting-admin password etc. </p> http://weblogtoolscollection.com/news/topic/how-to-prevent-viruses-uploaded-to-wp-blog-headerphp#post-2915 Mon, 09 Jun 2008 20:56:20 +0000 gestroud 2915@http://weblogtoolscollection.com/news/ <p>I've recently noticed that someone has uploaded a virus - JS/Downloader Agent to a number of my WP 2.51 web sites.</p> <p>Whoever the attacker is uploads it to wp-blog-header.php.</p> <p>The file is originally 2KB. The new file is 3KB.</p> <p>I have already contacted my webhost (Servage) and installed a fresh copy of WordPress.</p> <p>Read/Write permissions are set to 755 on the root folders.</p> <p>No one has my passwords, but I've just changed them, just in case.</p> <p>I have wp-ban installed, as well as wp-blockadmin and the Login Error Cleaner plugin.</p> <p>All plugins are up to date.</p> <p>What I'm trying to figure out is how to prevent it from happening again.</p> <p>Any suggestions? </p>