Tag Archives: exploit

Restoring an Exploited WordPress files

I previously had a 10 step process to replace all the files in a wordpress, this got rid of most file based exploits. Since then i have written a shell script that pretty much incorperates that wget http://blog.rimuhosting.com/files/restorewordpress.sh chmod +x … Continue reading

Posted in Featured, HOWTO | Tagged , , , , | 1 Comment

How to restore a WordPress site after hacks or exploits in 10 easy steps

A lot of people use WordPress, and seemingly a lot forget to click the upgrade button regularly enough and find they are exploited.  In an ideal world, you would click that button whenever you see it needs updates, and have … Continue reading

Posted in HOWTO | Tagged , , , , | Comments Off on How to restore a WordPress site after hacks or exploits in 10 easy steps

Identifying exploits and exploited websites

I have made posts before regarding how to find exploits, and what to do about those previously, however it has come to my attention that some people are not even realizing what the basics are to look for. In this … Continue reading

Posted in Rimuhosting, Security | Tagged , , , , | Comments Off on Identifying exploits and exploited websites

Finding Exploits and Trojan php hacks on a website

Its always unfortunate when you are exploited, and the best method to fix a site is to wipe and restore from a known backup as well as track down the entry point they gained access and fix it. Sometimes you … Continue reading

Posted in HOWTO, Security | Tagged , , , , , , , | 4 Comments

Blocking malicious crawlers or scrapers in Apache

Occasionally we see a customer who has a popular website that often gets people trying to crawl it and copy the lot, This has the unfortunate side effect that its hammering the site. Made worse only by dynamic pages and … Continue reading

Posted in HOWTO | Tagged , , , , , , , | Comments Off on Blocking malicious crawlers or scrapers in Apache

Apache exploit may crash your server – heres how to fix it

We have picked up that there was an exploit in Apache which can result in your server running out of memory. the discovery was noticed quiet some time ago, but never fixed, and it seems to have reared its head … Continue reading

Posted in Security | Tagged , , , , , , , | 1 Comment

Jboss Exploits

There is a JBoss exploit out in the wild.  See http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0738 and https://access.redhat.com/kb/docs/DOC-30741 for details.

Posted in Security | Tagged , , , | 3 Comments

WordPress mass update script 3.04 – Urgent

From the guys at wordpress We've fixed a pretty critical vulnerability in WordPress' core HTML sanitation library, and because this library is used lots of places it's important that everyone update as soon as possible. I realize an update during … Continue reading

Posted in Security | Tagged , , , , , , , , , | Comments Off on WordPress mass update script 3.04 – Urgent

Proftpd exploitable versions

Due the severity of the proftp bug, and the mixed systems and versions in the VPSs, we many customers have switched to use vsftp, others just started using sftp, regardless that we have the following notes for customers willing to … Continue reading

Posted in Rimuhosting | Tagged , , , , | Comments Off on Proftpd exploitable versions

Disabling exploitable proftpds

A stack overflow bug has been identified in ProFTPd.  This bug allows users to gain remote access (usually root) to an attacker.  This bug requires immediate attention and potentially a restore to the last backup image of your server. Information … Continue reading

Posted in Security | Tagged , , , , , , | Comments Off on Disabling exploitable proftpds