[Nottingham] We've been hacked/cracked! THREE times!!!
Martin
martin at ml1.co.uk
Wed Jan 29 22:54:50 UTC 2014
On 29/01/14 09:10, Martin wrote:
> On 29/01/14 08:59, Martin wrote:
>> Folks,
>>
>> FYI:
>>
>> OK, so our WordPress site has been attacked, from what looks to be three
>> attempts! All on 21/01/2014 and 28/01/2014.
>>
>> And just for being really paranoid: Can any maliciousness be executed in
>> a .css file?
>>
Apparently so, at least in the distant past.
OK, so the very few examples of css in the writeable area are now
non-writable, and no other css can be added. (Even if css in the uploads
area could somehow be contrived to be looked at.)
Next...
Cheers,
Martin
--
- ------------------ - ----------------------------------------
- Martin Lomas - OpenPGP (GPG/PGP) Public Key: 0xCEE1D3B7
- martin @ ml1 co uk - Import from hkp://subkeys.pgp.net or
- ------------------ - http:// ml1 .co .uk/martin_ml1_co_uk.gpg
More information about the Nottingham
mailing list