Pages: [1]

Author Topic: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks  (Read 1223 times)

0 Members and 1 Guest are viewing this topic.

Offline hacker@sr.gov.yu

  • VIP
  • Peasant
  • *
  • Posts: 142
  • Cookies: 25
  • Tools don't make hackers, hackers make tools!
    • View Profile
WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« on: May 07, 2013, 11:20:35 am »
Report to moderator   Logged

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« Reply #1 on: May 07, 2013, 12:06:02 pm »
Report to moderator   Logged
~Factionwars

Offline hacker@sr.gov.yu

  • VIP
  • Peasant
  • *
  • Posts: 142
  • Cookies: 25
  • Tools don't make hackers, hackers make tools!
    • View Profile
Re: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« Reply #2 on: May 07, 2013, 01:25:35 pm »
Report to moderator   Logged

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« Reply #3 on: May 07, 2013, 01:29:51 pm »
Quote from: hacker@sr.gov.yu on May 07, 2013, 01:25:35 pm
http://core.trac.wordpress.org/ticket/4137


6 year old bug, really?  :)
I just installed a wordpress blog. But i will always advice to keep the basics and throw away any shit you don't need. Also just enabled cloudflare free on it :)
Report to moderator   Logged
~Factionwars

Offline hacker@sr.gov.yu

  • VIP
  • Peasant
  • *
  • Posts: 142
  • Cookies: 25
  • Tools don't make hackers, hackers make tools!
    • View Profile
Re: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« Reply #4 on: May 07, 2013, 01:44:42 pm »
Better WP Security + Cloud Flare + Mod_Secuity(with OWASP rules) is quite good :)
Report to moderator   Logged

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« Reply #5 on: May 07, 2013, 01:50:28 pm »
Quote from: hacker@sr.gov.yu on May 07, 2013, 01:44:42 pm
Better WP Security + Cloud Flare + Mod_Secuity(with OWASP rules) is quite good :)
And the biggest problem are the themes. So don't use a leaked old premium theme, or be sure it's clean and every addon included (timthumb) is updated :D
Report to moderator   Logged
~Factionwars

Offline hacker@sr.gov.yu

  • VIP
  • Peasant
  • *
  • Posts: 142
  • Cookies: 25
  • Tools don't make hackers, hackers make tools!
    • View Profile
Re: WordPress Default Leaves Millions of Sites Exploitable for DDoS Attacks
« Reply #6 on: May 07, 2013, 03:24:51 pm »
Quote from: Factionwars on May 07, 2013, 01:50:28 pm
And the biggest problem are the themes. So don't use a leaked old premium theme, or be sure it's clean and every addon included (timthumb) is updated :D
Yep, plugins are also a big threat.
Report to moderator   Logged
Pages: [1]