WordPress Hack Attack

Today a hacker gained access to one of the sites on this server (bradj.co.uk) and uploaded various payloads with scripts to do targeted attacks on other WordPress sites. Highly informative how the scripting was done.

I am sorry if you were the target of one of those attacks. Rest assured, when I found out where the attack was coming from I shut down the site concerned. I have changed all passwords and access to this site...

I thought at first someone had got round things after I upgraded the database software, but after visiting the log files over a couple of months, I realised it was simply someone guessing the password for an administrative user on the site concerned. 

I identified the servers where the attack came from and the relevant authorities have been informed - but since when do large web service companies take notice of small fry like us! Access from that server and the servers hosting the external scripts have been blocked with appropriate firewall rules :)

* Stressful Thursday *


Starting today I will be upgrading the database on the server to the latest version to cover security patches.

This will mean some downtime to various things like email and web sites.

** UPDATE **

The software is now running the latest version - just going through all sites to make sure they are working. Email should be up again.


What's my public IP address?

Hopefully you should see both you IP addresses below. IPv6 is the new style IP address and IPv4 is the old style IP address.