Re: [videoblogging] Re: Wordpress Security

[Jan McLaughlin]

This is -- in part -- why I've given up trying to maintain my WordPress
vlogs.

:(

Jan

Jan McLaughlin
Production Sound Mixer
air = 862-571-5334
aim = janofsound
skype = janmclaughlin


On Sun, Sep 6, 2009 at 4:59 PM, elbowsofdeath st...@dvmachine.com wrote:

 Thanks for the info.

 If you are getting rid of them via phpmyadmin then there is stuff in the
 usermeta table that you should also be deleting, otherwise some future users
 could find themselves with admin rights!

 Cheers

 Steve Elbows

 --- In videoblogging@yahoogroups.com, Michael Verdi michaelve...@...
 wrote:
 
  If you haven't heard yet, there is an attack happening on all versions
  of Wordpress except the newest - 2.8.4. So you should upgrade your
  installations. The thing that I noticed on ALL of my sites that were
  not already running 2.8.4 was that they had hidden admin users on
  them. The sneaky thing about that is that you may not have any other
  symptoms besides these hidden accounts and then think you are safe
  once you've upgraded. The are, essentially, back doors left on your
  site to be exploited later. So you have to make sure to get rid of
  them. The process is a little tricky – at least it's not a typical
  WordPress user operation so I've documented two ways to do it in this
  screencast.
  
 http://reports.graymattergravy.com/2009/09/06/remove-hidden-admin-users-in-wordpress/
 
 
  - Verdi
 
  --
  Michael Verdi
  http://milkweedmediadesign.com
  http://michaelverdi.com
 




 

 Yahoo! Groups Links






[Non-text portions of this message have been removed]





Yahoo! Groups Links

* To visit your group on the web, go to:
http://groups.yahoo.com/group/videoblogging/

* Your email settings:
Individual Email | Traditional

* To change settings online go to:
http://groups.yahoo.com/group/videoblogging/join
(Yahoo! ID required)

* To change settings via email:
mailto:videoblogging-dig...@yahoogroups.com 
mailto:videoblogging-fullfeatu...@yahoogroups.com

* To unsubscribe from this group, send an email to:
videoblogging-unsubscr...@yahoogroups.com

* Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/

[videoblogging] Re: Wordpress Security

[elbowsofdeath]

Thanks for the info.

If you are getting rid of them via phpmyadmin then there is stuff in the 
usermeta table that you should also be deleting, otherwise some future users 
could find themselves with admin rights!

Cheers

Steve Elbows

--- In videoblogging@yahoogroups.com, Michael Verdi michaelve...@... wrote:

 If you haven't heard yet, there is an attack happening on all versions
 of Wordpress except the newest - 2.8.4. So you should upgrade your
 installations. The thing that I noticed on ALL of my sites that were
 not already running 2.8.4 was that they had hidden admin users on
 them. The sneaky thing about that is that you may not have any other
 symptoms besides these hidden accounts and then think you are safe
 once you've upgraded. The are, essentially, back doors left on your
 site to be exploited later. So you have to make sure to get rid of
 them. The process is a little tricky – at least it's not a typical
 WordPress user operation so I've documented two ways to do it in this
 screencast.
 http://reports.graymattergravy.com/2009/09/06/remove-hidden-admin-users-in-wordpress/
 
 - Verdi
 
 -- 
 Michael Verdi
 http://milkweedmediadesign.com
 http://michaelverdi.com