Kristi wrote a guest blog post at TechJaws about the attack last weekend on her well known Kikolani Blog by the PHP Script Injection Exploit in WordPress 2.7.1. Kristi explains how she restored her blog and dealt with the issue. The UnMask Parasites blog provides additional details on what is known about this particular malware which has been dubbed the Gumblar .cn Exploit.
Gumblar exploit does NOT affect only WordPress. It can target any site using .php including Drupal, PhotoPost and even the Bangalore Telecom Web site.
The resources below will assist you in assessing your risk, increasing security for your WordPress blog and removing this exploit if you are already affected.
WordPress Security Resources:
- Should You Be Concerned About Your WordPress Security? (May 12, 2009)
- Securing Your WordPress Blog (Jan 14, 2009)
- In Depth Tutorial On How To Secure Your WordPress Blog Tip 1 (Apr 8, 2009)
- 18 WordPress Plugins Plus Tips to Secure Your Blog (Mar 13, 2009)
- Dan Nedelko WordPress Security Plugins (Apr 23, 2009)
- Maximum WordPress Security Plugin Announcement (Jan 3, 2009)
- Sucuri: WordPress Hardening (How to obscure WordPress and Apache version details)
- 13 Vital Tips and Hacks to Protect Your WordPress Admin Area
Security Monitoring Tools for WordPress:
- Fast, simple way to check public information for yours or any other Web site: Sucuri Web Information Gathering Tool
- Search Engine Snark recommends these Tools for Monitoring WordPress Security
WordPress Security Audit Services:
- Performancing Services offers WordPress Security Auditing
WordPress Security Plugins:
- Maximum Security WordPress Security Plugin
- WpBeginner post about WordPress File Monitor – download WordPress File Monitor from WP plugin Directory