Late Friday evening I sat down and backed up all my websites.  I had planned to write a review article for ExpertWP as soon as I was done. Apparently, however, between the time I started backing up my sites and when I got back to LoW, a script kiddie managed to find a security hole and post its website.

At first I was devastated as I did not know if it happened before or after the backup.  When I did some checking around, I discovered that there was no real damage.  The only thing I could find was an index.htm in two of the folders.  It took about 30 seconds to delete the files and set restrictions on the folders to not allow new file creation.  The backup was fine, but I had no reason to use it.

I still don’t know what the security hole is.  However, where all other attacks have damaged my database and other areas of my sites, this one did not do any damage.  I am sure that the reason the script did not get anywhere was because of the security measures used in ExpertWP.

Needless to say, I postponed my review of ExpertWP.  It is still my next project for this site and will be completed later this week.

Buck

Filed under: Website Security

Like this post? Subscribe to my RSS feed and get loads more!