WordPress Blogs Hacked

I had a couple of my niche market WP blogs hacked over the weekend. It looks like all they did was remove my themes folder and put some dumbass "hacked by" index page in the folder. I upgraded from 2.5 to 2.6.2 so hopefully that will close it. I can't figure out where they came in.

They didn't fool with the index page in the root, but it showed up as a blank page when I went to the domain. It tried to call the php header from the theme file, but it wasn't there.

If I hadn't decided to work on this site today I might not have noticed it.

How do you guys keep track of all your blogs?

I've spent about the last 2 hours checking everything and doing a few more WP upgrades. Basically time I could have been using to make money.

I debating setting up a "My Sites" folder in my FF bookmarks and just "open all in tabs" every morning to check them. Right now I have about 40 sites so I would probably break them down into groups of 10 in each folder.

Any ideas?

One of my Mu sites crashed too, nothing would load, db was fine, my psswerd was original. May not be related to your issue.

I scrambled up my db name, user, and psswerd thinking it might have been a competitor.

I like the idea of having the sites auto load each morning.

it's not surprising they have done it to your blog since you have been using a rather old version of WP2.5. WP2.6.2 has been out for quite some time already.

regularly updating to the latest WP version is the only way we can be one step ahead of hackers.

might not have been wp may have been a common plugin

Folks,

Have you had any experience using this script, which is supposed to add some security to your wordpress blogs?:


[/CODE]