5 comments

1 Dark_Falcon  Sat, Apr 13, 2013 1:05:59pm

The image that forms in my mind is of a huge number of infected machines merging to form one giant Devastator-type Transformer.

/More than meets the eye.

2 Charles Johnson  Sat, Apr 13, 2013 1:10:53pm

This could be very bad. Anyone who uses WordPress needs to make sure they’re using very strong passwords.

3 CuriousLurker  Sat, Apr 13, 2013 1:36:48pm

Ugh. We’ve created several sites using WP. I make a habit of using strong passwords when I install anything (learned the hard way), but I guess I’d better check with clients to make sure they haven’t changed anything.

Thanks for the heads-up.

4 Political Atheist  Sat, Apr 13, 2013 1:56:56pm

re: #2 Charles Johnson

re: #3 CuriousLurker

This leaves a lot of us users crossing our fingers and hoping our ISP people are on the ball. IIRC.

5 CuriousLurker  Sat, Apr 13, 2013 2:24:39pm

re: #3 CuriousLurker

Another good practice is to avoid using the default “super user” username which is often “admin”. As the article notes, this is being exploited:

According to CloudFlare’s Prince, the distributed attacks are attempting to brute force the administrative portals of WordPress servers, employing the username “admin” and 1,000 or so common passwords.

Don’t make things easy for the bad guys.

Web sites, no matter how small or insignificant, are under constant attack. I have several personal sites that I don’t use much except for playing around, but just for shits & giggles one day I added some PHP to my 404 (not found) page to see which resources were being requested that were resulting in the 404 error.

There were numerous attacks every single day from all over the world. Luckily, my hosting company has pretty good security, and most of it looked like script kiddies trying to brute force their way in using common vulnerabilities, but still…it was an eye-opener.

On another domain I added an “admin” directory (e.g. mydomain.com/admin) with a fake login screen (no pwd or uname required) just to see if people would attempt to get in. Yep, they tried on a regular basis, though not as often as with the automated brute force attempts that target the commonly installed stuff.

Moral of the story: If you put something on the web, people WILL attempt to access it just because they can, so take precautions.

*steps down from pulpit*
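Added example (not part of the thread, and not the commenter's PHP): a Python sketch of the log review described in comment 5, counting 404 probes per path and login POSTs per source address. It assumes the common "combined" access-log format; the sample lines, the `/admin` decoy path and the threshold are constructed for illustration. A distributed attack shows up as many distinct addresses with few attempts each, so the summary reports both counts.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [13/Apr/2013:13:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 1523 "-" "Mozilla/5.0"
203.0.113.5 - - [13/Apr/2013:13:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 1523 "-" "Mozilla/5.0"
203.0.113.5 - - [13/Apr/2013:13:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 1523 "-" "Mozilla/5.0"
198.51.100.7 - - [13/Apr/2013:13:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 1523 "-" "Mozilla/5.0"
192.0.2.44 - - [13/Apr/2013:13:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 1523 "-" "Mozilla/5.0"
192.0.2.44 - - [13/Apr/2013:13:01:10 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 404 210 "-" "-"
198.51.100.9 - - [13/Apr/2013:13:01:11 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 404 210 "-" "-"
198.51.100.9 - - [13/Apr/2013:13:01:12 +0000] "GET /backup.zip HTTP/1.1" 404 210 "-" "-"
198.51.100.9 - - [13/Apr/2013:13:01:13 +0000] "POST /admin/ HTTP/1.1" 200 640 "-" "-"
192.0.2.10 - - [13/Apr/2013:13:02:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# Assumed login endpoints: the WordPress login page and the decoy directory.
LOGIN_PATHS = ("/wp-login.php", "/admin")

def summarize(log_text, login_threshold=3):
    """Return (404 paths by frequency, per-endpoint login POST summary)."""
    not_found = Counter()               # path -> number of 404 responses
    login_posts = defaultdict(Counter)  # login path -> {source ip: POST count}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                    # skip lines that are not in combined format
        ip, method, url, status = m.groups()
        path = url.split("?", 1)[0]     # ignore the query string
        if status == "404":
            not_found[path] += 1
        if method == "POST" and path.rstrip("/") in LOGIN_PATHS:
            login_posts[path.rstrip("/")][ip] += 1
    report = {
        path: {
            "total_posts": sum(per_ip.values()),
            "distinct_ips": len(per_ip),
            "noisy_ips": sorted(ip for ip, n in per_ip.items() if n >= login_threshold),
        }
        for path, per_ip in login_posts.items()
    }
    return not_found.most_common(), report

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```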


This page has been archived.
Comments are closed.
