PSA: Update Your WordPress Sites That Are Running 4.7.0 and 4.7.1
Last Update: Apr 15, 2017
This is kind of old news, but if you haven't been active on WA or logged into your websites for a while, you might not know about it.
Basically, WordPress 4.7.0 and 4.7.1 have a vulnerability that allows unauthenticated people (people who don't have login credentials) to edit your posts.
As you can imagine, spammers and hackers have taken full advantage of it to deface websites. I have two websites that had posts modified to say they had been "Hacked by imam with love" and one of those two also had spam links for Cialis.
You might want to take a look at all your posts/pages and see if anything looks out of place.
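One way to script both checks (is the site on an affected release, and do any posts look defaced), as an added example that is not part of the original post. It assumes you have the text of `wp-includes/version.php` and an export of your posts as dicts with `id`, `title` and `content` keys; that record shape, the function names and the sample data are hypothetical.

```python
import re
from urllib.parse import urlparse

AFFECTED = {"4.7.0", "4.7.1"}        # the two releases named in the post
MARKERS = ("hacked by", "cialis")    # strings the post reports seeing on defaced sites

def wp_version(version_php):
    """Extract $wp_version from the text of wp-includes/version.php."""
    m = re.search(r"^\s*\$wp_version\s*=\s*['\"]([^'\"]+)['\"]", version_php, re.M)
    return m.group(1) if m else None

def is_affected(version):
    """True for 4.7.0 / 4.7.1; WordPress writes an x.y.0 release as 'x.y'."""
    if not version:
        return False
    parts = version.split(".")
    parts += ["0"] * (3 - len(parts))
    return ".".join(parts) in AFFECTED

def review_posts(posts, site_host):
    """Return {post_id: [reasons]} for posts worth a manual look."""
    findings = {}
    for post in posts:
        text = (post["title"] + " " + post["content"]).lower()
        reasons = [f"marker: {m}" for m in MARKERS if m in text]
        # Links pointing off the site are a common sign of injected spam.
        for url in re.findall(r"href=[\"']([^\"']+)[\"']", post["content"], re.I):
            host = urlparse(url).hostname
            if host and host != site_host and not host.endswith("." + site_host):
                reasons.append(f"external link: {host}")
        if reasons:
            findings[post["id"]] = reasons
    return findings

# Constructed sample data, not taken from a real site.
SAMPLE_VERSION_PHP = "<?php\n$wp_version = '4.7.1';\n"
SAMPLE_POSTS = [
    {"id": 1, "title": "Welcome", "content": '<a href="https://example.com/about">About</a>'},
    {"id": 2, "title": "Hacked by imam with love", "content": "<p>text</p>"},
    {"id": 3, "title": "Recipes", "content": '<a href="http://pills.example.net/">cheap cialis</a>'},
]

if __name__ == "__main__":
    v = wp_version(SAMPLE_VERSION_PHP)
    print(v, "affected" if is_affected(v) else "not in the affected range")
    for post_id, why in review_posts(SAMPLE_POSTS, "example.com").items():
        print(post_id, why)
```

A flagged post is only a candidate for review: legitimate posts link to other sites too, so compare hits against a known good backup before changing anything.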
Things to do if you have been hacked:
- Restore from a known good backup (if possible, this is the easiest way).
- Change login passwords, FTP passwords, and database user passwords. Do this even if you restored from backups because your backups will have the same passwords as your hacked site.
- If you host your site with SiteRubix, hosting support may be able to help you out. It would be worthwhile to submit a ticket and find out.
- Worst case scenario: Copy all of your content manually and rebuild your site from scratch if you are super paranoid or don't have good backups.
Recent Comments
Even worse are the plugins on the dated website. There's good reason to keep them updated, but even more the plugins. These have some serious holes in them and are how most hackers get in. Plugins are created by 3rd parties outside of WordPress and much of the time disregard vulnerabilities in the wake of getting their code to work properly with WP. Yes! Don't let 'em get dated. I too have had websites that became ghettos, havens for criminals sending pornography all over the Creation. Don't wait until you start getting phone calls or emails from your hosting company.
Either scenario in how a website gets hacked, those are some solid steps to take as you have them.
Thanks for sharing Thomas helpful information just in case.