Updates to your WordPress Website (WA Hosting)
Today (Sunday June 24th, 2012) we've run some security updates on the WA hosting network that will prevent your ability to update your WordPress website Themes or Plugins fop the next couple hours only.
Stronger FTP Passwords
The recent WordPress hacking that has been happening online has opened up some security vulnerabilities that we have been working to correct over the past week and a half. As part of the security update we've changed your website FTP passwords to be stronger.This means that if you have your FTP passwords saved in an FTP client program, then you will need to update these passwords in order to FTP on to your domain. This was very important to change as we determined that some sites had their FTP credentials compromised. We've updated this across the WA hosting network to be 100% safe.
How does this affect you?
Well, as soon as we are done with the security update you will not notice a difference. We are updating your WordPress website so that you can still add plugins and themes as you normally would. However, for the next few hours you will not be able to upload new wordpress theme or plugins.
Why some WordPress Installations get hacked?
Wordpress is the worlds most popular website builder and because of this it is popular among hackers to try and find vulnerabilities. When these security vulnerabilities are found hackers try to spread malicious code to millions of wordpress websites throughout the world. To combat this we've developed a far more secure environment for your websites, we've determined how the hackers were able to break into some of your plugins and themes, and we've plugged the vulnerability.Does this mean you will NEVER get hacked again? Absolutely not but WA hosting will not be one of the networks that hackers try as we have this new security in place.
How to protect yourself?
Regardless where you install your website, you need to understand that with each plugin you install, or 3rd party theme, this opens your website up to the possibility of code that is vulnerable to hacking attempts. We suggest choosing as few plugins as you can to help limit your exposure to the possibility of installing vulnerable code.
What are we doing to protect you?
Many people do not know that at WA hosting we offer premium monitoring of your website. Our team is constantly watching over your website and if we find something that looks suspicious we investigate it without even telling you. In a lot of cases plugins and themes can cause a site to get hacked, and we'll know this the instant it happens. We take the proper measures to clean your site and protect you from further hacking attempts. We realize the importance of keeping your websites up and running and free of malicious code.----------
Today, please be aware that you may not be able to upload plugins or themes until your website has been updated with the latest security measures. We hope this to be complete on the entire network within the next few hours.
Thanks to everyone for your patience and understanding, when a world wide vulnerability like this is exploited, millions of sites are affected as were a handful of WA hosted WordPress sites.
Carson
Recent Comments
37
Thank you this is great news. I think hackers work heavily on wp plugins that are not anymore updated by their developers. A lot of plugins have compatibility issues as well as bugs. I wonder what Wordpress is doing regarding these outdated plugins?
There isn't a lot that WordPress can do other than rely on their community to report plugins that are not compatible, or verified to be safe. All plugins have ratings so it's a good idea to take a look at those before installing on your site.
Thanks Carson. I tried to visit another members website yesterday and my computer told me he had a virus on it. I informed him of the problem, I guess was the hacker. I'm glad it's being dealt with.
Yes, that's this same issue that we're referring to and have been battling for the past 10 days or so. What will happen is that the site will be updated with the new security, then the malicious code will be removed. We will seek and destroy the malicious code on every site that we find it on.
Thanks Carson for taking action on the weekend with this!
WA Members:
This just shows how much the team at WA cares about YOUR success.
Hey Carson, sounds good and appreciated. Looks like the recent sites that had been infected with Malware have been cleaned.
Can you just confirm if a site owner needs to create a ticket if the blog is infected or is support scanning everything as they apply updates etc.
Thanks
No need to create any tickets to ask to have your site cleaned. We know how to find the infections and we're cleaning every single site we find it on.
If anyone has an issue with uploading a new theme or plugin for the next few hours it would be great if you could hold off on submitting a hosting ticket. As we run this update across our network all sites will not have the ability to add new themes or plugins.
Carson, this is a great news! I am glad that it was you who change my FTP passwords.I was unable to login to any site through FileZilla and I was afraid that is someone else, especialy because one of my sites was hacked few days ago. Thank you guys, you are awesome!
Yes, it was us who changed the FTP info. We did so after the compromise was cleaned out so it will not continue to have access to your file system via FTP.
Good job Carson, but can you/will you 'Name names?'
Which plugins do you think might be bad and are to be avoided?
See more comments
Wow how cool it is to know that you guyz are on top of this. Thank you so much :)
You are welcome :) We're glad that we were able to secure things so this kind of malware attack is less frequent in the future. It will not be the last time a site is hacked, but we're actively working to seek malicious code out and clean it before it hampers your site's anticipated behavior!