Discussion in 'BlackHat Lounge' started by Skyebug77, Feb 8, 2017.
You will find same warning in Google Webmaster
Yea these Muslim hackers hit like 5 of my PBNs running an older version of WP all at the same time. Hacked page was an Islamic flag. Fortunately the host was able to restore from backup.
Me too I'm uploading manual backup.
Thank you for the warning.
Thank you, just started updating.
Since only 4.7.0 and 4.7.1 seem to be problematic - will lower version not be affected?
Thanks for the heads up. I am going to update all my wp sites right now.
Bump for other, My two sites got hacked, Fuck you wordpress. I am done with WP.
Please don't blame wordpress because you're too lazy to update it....
Why dont Wordpress themselves update it?
Read the linked article. Wordpress worked with security teams and updated Wordpress a week before releasing the news. So the question is really: Why did you not update your Wordpress installation when your administrative page notified you that there was an update?
Tanks for the heads up. Hope it's not too late, gonna check all sites now.
I think wordpress automatic updates are enabled after v4.7. My sites were auto updated.
There is a plugin available for enabling auto updates - https://wordpress.org/plugins/automatic-updater/
This article states that auto updates was introduced in v3.7 - https://www.siteground.com/tutorials/wordpress/auto-update.htm
While Wordpress can auto update, sometimes the updates break the sites - especially if a plugin is not compatible with the new version of WP. Therefore, many operators turn off the auto update. I do. But as soon as the admin panel notifies me, I download the new version and test it against the plugins I run singly and in total combination. Sometimes all of the plugins are compatible with each other if loaded only in a certain order, sometimes one plugin or the other is not compatible at all, and sometimes minor tinkering is needed for a given plugin.
Regardless, there are sound reasons for turning off auto updates.
Auto update baby.
lol Auto update here saved me it seems
EDIT one of my sites was caught, ferkkk...
They edit my latest post, removed all content and left this
Wordpress thread https://wordpress.org/support/topic/wordpress-4-7-1-hacked-by-ng689skw/
than for the heads up,
will check my site now,
Maybe request this be stickied OP?
@Apricot @Diamond Damien
Separate names with a comma.