Comments on: WordPress Blog Hacking Prevention http://www.dannyfoo.com/blog/blog-lessons/wordpress-blog-hacking-prevention/ Malaysia website design blog Sat, 04 Feb 2012 04:00:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Danny Foo http://www.dannyfoo.com/blog/blog-lessons/wordpress-blog-hacking-prevention/comment-page-1/#comment-2602 Danny Foo Mon, 24 Nov 2008 04:19:34 +0000 End of the day, if they really wanted to do something to your website/blog - they will. But it's still good to have preventions in place. :) End of the day, if they really wanted to do something to your website/blog – they will. But it’s still good to have preventions in place. :)

]]> By: amir http://www.dannyfoo.com/blog/blog-lessons/wordpress-blog-hacking-prevention/comment-page-1/#comment-2601 amir Sun, 23 Nov 2008 09:14:08 +0000 Very informative. I must check my blog now. Very informative. I must check my blog now.

]]> By: Danny Foo http://www.dannyfoo.com/blog/blog-lessons/wordpress-blog-hacking-prevention/comment-page-1/#comment-2600 Danny Foo Tue, 21 Oct 2008 05:34:33 +0000 Wow! They hacked your site and added something to the .htaccess. Now that's bad. Thankfully, my host security hasn't experienced this yet and I hope it doesn't happen. Wow! They hacked your site and added something to the .htaccess. Now that’s bad. Thankfully, my host security hasn’t experienced this yet and I hope it doesn’t happen.

]]> By: Hauke http://www.dannyfoo.com/blog/blog-lessons/wordpress-blog-hacking-prevention/comment-page-1/#comment-2599 Hauke Mon, 20 Oct 2008 01:31:31 +0000 Another method is called "cloaking" in which your website gets re-directed to a spammy website if you are google spider bot. This is difficult to spot, given that we are not the google spider bot, but the good news is that we can pretend to be. Just install the "User Agent Switcher" for Firefox and add a definition for googlebot (see http://www.searchenginejournal.com/how-to-switch-your-user-agent-to-googlebot/7249/) How did they do it? This is what they added to my .htaccess file after many *blank lines* (so that you could easily miss this addition!!!): RewriteBase / RewriteCond %{HTTP_USER_AGENT} (Googlebot|Slurp|msnbot) RewriteRule ^ http://spammy_website/ [R=301,L]71 N.B. make sure you scroll down to the end of your .htaccess file when checking! Another method is called “cloaking” in which your website gets re-directed to a spammy website if you are google spider bot. This is difficult to spot, given that we are not the google spider bot, but the good news is that we can pretend to be. Just install the “User Agent Switcher” for Firefox and add a definition for googlebot (see http://www.searchenginejournal.com/how-to-switch-your-user-agent-to-googlebot/7249/)

How did they do it?

This is what they added to my .htaccess file after many *blank lines* (so that you could easily miss this addition!!!):

RewriteBase /
RewriteCond %{HTTP_USER_AGENT} (Googlebot|Slurp|msnbot)
RewriteRule ^ http://spammy_website/ [R=301,L]71

N.B. make sure you scroll down to the end of your .htaccess file when checking!

]]> By: Bezpiecze?stwo WordPress - zabezpiecz swojego bloga! - WebFan http://www.dannyfoo.com/blog/blog-lessons/wordpress-blog-hacking-prevention/comment-page-1/#comment-2598 Bezpiecze?stwo WordPress - zabezpiecz swojego bloga! - WebFan Tue, 02 Sep 2008 16:26:40 +0000 [...] Credits: quickonlinetips.com, lorelle.wordpress.com. Image by DanyFoo.com. [...] [...] Credits: quickonlinetips.com, lorelle.wordpress.com. Image by DanyFoo.com. [...]

]]>