A warning re - Wordpress Hackers

[pudseyowl]

I've had a number of my wordpress sites hacked today! Has this happened to anyone else? I'll post more info when I find out whats happened.

Sad losers :-(

[Mogga]

Was it up to date?

Was it Yoast who suggested changing wordpress so only u can log in (I think it requires fixed IP from your ISP though)

He does mention security on his blog
http://yoast.com/top-wordpress-plugins/

[findlite]

Ouch... what damage did they do?

Its worth looking at this when your done fixing stuff....... http://www.cardiffairportparking.net...ss-secure.html

[pudseyowl]

ive not found any damage yet!
I had to ftp new default-widgets.php and default-filters.php where they had added some code.
They only hacked the ones that had not been updated, so i updated them immediately and changed login details. I also checked that they hadnt created any new users.

Im still quite a newbie, so i admit, it terrified me. but i think i may have had a lucky escape!!

Let this be a lesson - Always keep your wordpress up to date

[babrees]

Let this be a lesson - Always keep your wordpress up to date

yep - never a truer word said. But also ensure that you keep backups of your database!

[Paul Smith]

Is kind of an eye opener, i'm running a few out of date wordpress instalations, think i'll go update them now...