Life is full of jerks trying to make your time on earth a living hell. People who use content management systems are no strangers to this fact. The same software that makes your life easier also makes it harder, because there are so many hacking attempts in a given hour that your head will spin.
One of the biggest problems is the exploitation of custom themes and scripts, and what makes it difficult is that hackers are pretty adept at covering their tracks.
We recently uncovered a sleeper script in the deep blue theme that allowed hackers to create a file on a club's server which modified the .htaccess file. Once that was done, traffic could be redirected elsewhere. The site still loaded at the root (because on our server it is all but impossible to hijack that), but the sub pages were being routed to the wrong place.
So instead of listing every plugin and theme that our client's hacker friends tried to access, we simply want to pass along the list of files they attempted to reach, so that if your site is not on our network, you can have your website admin search for these automatically:
- doupload.php
- upload.php
- ajaxadminupload.php
- uploadify.php
- */uploadify/*
- */uploader/*
- last but not least, wp-xml.php
Search your site installs for these files and paths, and remove any known exploits you find.
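One way to automate that search, as an added example that is not part of the original post: a POSIX shell script that walks a web root for the file names and directory patterns listed above and flags any .htaccess containing redirect or rewrite directives, since the sleeper script described above worked by editing .htaccess. The web root, the `deep-blue` theme path and the sample tree it builds are constructed assumptions for the demo.

```shell
#!/bin/sh
# Added example (not the post's own tooling): scan a web root for the suspect
# file names and directory patterns listed in the post, plus .htaccess files
# carrying Redirect/Rewrite rules. All paths below are constructed assumptions.

SUSPECT_FILES="doupload.php upload.php ajaxadminupload.php uploadify.php wp-xml.php"
SUSPECT_DIRS="uploadify uploader"   # covers */uploadify/* and */uploader/*

# scan_webroot DIR: print one line per finding; exit 0 if anything was found.
scan_webroot() {
    root="$1"
    report=$(mktemp)
    for name in $SUSPECT_FILES; do
        find "$root" -type f -name "$name" -exec printf 'FILE     %s\n' {} \; >>"$report"
    done
    for dir in $SUSPECT_DIRS; do
        find "$root" -type d -name "$dir" -exec printf 'DIR      %s\n' {} \; >>"$report"
    done
    # Any .htaccess with Redirect/Rewrite directives deserves a manual look; a
    # legitimate WordPress root .htaccess matches too, so diff it against a known-good copy.
    find "$root" -type f -name .htaccess \
        -exec grep -Eil '^[[:space:]]*(Redirect|RewriteRule|RewriteCond)' {} \; \
        | sed 's/^/HTACCESS /' >>"$report"
    cat "$report"
    count=$(grep -c . "$report" || true)
    rm -f "$report"
    [ "$count" -gt 0 ]
}

# build_sample_tree DIR: constructed fixture mimicking a compromised install
# (one dropped uploader, one planted .htaccess redirect, one benign theme file).
build_sample_tree() {
    base="$1"
    mkdir -p "$base/wp-content/themes/deep-blue/uploadify" "$base/wp-content/uploads"
    touch "$base/wp-content/themes/deep-blue/uploadify/uploadify.php"
    touch "$base/wp-content/themes/deep-blue/style.css"
    printf 'RewriteEngine On\nRewriteRule ^(.*)$ http://redirect.example/$1 [R,L]\n' \
        >"$base/wp-content/uploads/.htaccess"
}

# Run with --demo to scan the constructed tree; otherwise call scan_webroot /path/to/webroot.
if [ "${1:-}" = "--demo" ]; then
    demo=$(mktemp -d)
    build_sample_tree "$demo"
    scan_webroot "$demo" || echo "no findings"
    rm -rf "$demo"
fi
```

Run it as a cron job against the document root and mail yourself the output; an empty report is the normal case, and any FILE or DIR line is worth investigating the same day.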
Oh, and if you don’t know how to do that, or your club’s website host does not offer the support to help you do it, I highly suggest moving. Either pick a service managed by people with a vested interest in security, or pick a VPS host that comes with support. VPS usually starts at $30 a month, which is far more than the $60 you would pay for basic website hosting elsewhere. Basic website hosting of course typically doesn’t cover support, simply because they cannot afford to chase every possible bug for a mere $5 a month.
So then, in that case, you are best off using a service provider 🙂