Comments on: Wordpress Blog Hacking Prevention

By: Danny Foo

Danny Foo — Mon, 24 Nov 2008 04:19:34 +0000

End of the day, if they really wanted to do something to your website/blog – they will. But it’s still good to have preventions in place.

By: amir

amir — Sun, 23 Nov 2008 09:14:08 +0000

Very informative. I must check my blog now.

By: Danny Foo

Danny Foo — Tue, 21 Oct 2008 05:34:33 +0000

Wow! They hacked your site and added something to the .htaccess. Now that’s bad. Thankfully, my host security hasn’t experienced this yet and I hope it doesn’t happen.

By: Hauke

Hauke — Mon, 20 Oct 2008 01:31:31 +0000

Another method is called “cloaking” in which your website gets re-directed to a spammy website if you are google spider bot. This is difficult to spot, given that we are not the google spider bot, but the good news is that we can pretend to be. Just install the “User Agent Switcher” for Firefox and add a definition for googlebot (see http://www.searchenginejournal.com/how-to-switch-your-user-agent-to-googlebot/7249/)

How did they do it?

This is what they added to my .htaccess file after many *blank lines* (so that you could easily miss this addition!!!):

RewriteBase /
RewriteCond %{HTTP_USER_AGENT} (Googlebot|Slurp|msnbot)
RewriteRule ^ http://spammy_website/ [R=301,L]71

N.B. make sure you scroll down to the end of your .htaccess file when checking!

By: Bezpiecze?stwo WordPress - zabezpiecz swojego bloga! - WebFan

Bezpiecze?stwo WordPress - zabezpiecz swojego bloga! - WebFan — Tue, 02 Sep 2008 16:26:40 +0000

[...] Credits: quickonlinetips.com, lorelle.wordpress.com. Image by DanyFoo.com. [...]