WordPress
The BBC is reporting an ongoing botnet attack on WordPress sites that targets installations where the administrator account still has the default name ‘admin’.
The bots log in as ‘admin’ and then run through a list of possible passwords.
You should have replaced ‘admin’ right after installing the system. It isn’t a simple edit: you have to create a new user, give that user administrator privileges, and then delete the ‘admin’ user. Since no two users can have the same e-mail address, you have to do some messing around, but you really should make the change and use a strong password. If you are paying your own hosting fees, you don’t want to get stuck with big usage fees from this type of annoyance.
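A defender-side check for the attack described above, added here as an example and not part of the original post: it parses constructed Apache-style access-log lines and flags source addresses that send a burst of POSTs to wp-login.php. It assumes the usual WordPress behaviour that a failed login re-serves the form with status 200 while a successful one redirects with 302; the addresses, timestamps and threshold are made up.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample access-log lines (Apache "combined" format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Apr/2013:02:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:02:14:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:02:14:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:02:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:02:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Apr/2013:02:15:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2890 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Apr/2013:02:15:25 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Apr/2013:02:15:26 +0000] "GET /wp-admin/ HTTP/1.1" 200 18213 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    """Return (ip, timestamp, method, path, status) or None for unparseable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path"), int(m.group("status"))

def is_failed_login(method, path, status):
    # Assumption: WordPress answers a bad password with 200 (form again), a good one with 302.
    return method == "POST" and path.split("?")[0].endswith("/wp-login.php") and status == 200

def failed_logins_per_ip(log_text):
    """Count failed wp-login.php POSTs per source address."""
    counts = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_failed_login(*rec[2:]):
            counts[rec[0]] += 1
    return dict(counts)

def suspicious_ips(log_text, threshold=5, window_seconds=60):
    """Addresses with at least `threshold` failures inside any `window_seconds` span."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_failed_login(*rec[2:]):
            times[rec[0]].append(rec[1])
    flagged = []
    for ip, ts in times.items():
        ts.sort()
        for i in range(len(ts) - threshold + 1):
            if (ts[i + threshold - 1] - ts[i]).total_seconds() <= window_seconds:
                flagged.append(ip)
                break
    return sorted(flagged)
```

Feeding a real access log through `suspicious_ips` gives a list of addresses worth rate-limiting or blocking at the web server; the single 302 from the second address is a normal login and is not counted.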
Easiest way to change it is to just hack your database and change it directly using MySQL. It’s a single update statement, not brain surgery.
I got this news several days before BBC (don’t recall where, probably Krebs, a guy I admire because he has big ones that clang) and of course have been keeping an eye on my own WordPress site that I run for my Jeep club. So far no signs of unusual activity. Every night I (or rather, a script) rsync my web server to my local server (which has 20 terabytes of storage, so no shortage of space, duh 😉) and it tells me what files have changed since the previous night. So far nothing unusual, just SpamAssassin cached emails for its database and mail folders.
That is certainly the easiest way for you or me, but I don’t assume that most people even know that WordPress involves MySQL, much less how to make the changes. I stayed with the official WordPress procedure, assuming people can at least use the Dashboard [silly assumption, of course.]
I haven’t seen anything.