[Wylug-admin] Fwd: Removal from Google's index - responsibility
John Leach
john at johnleach.co.uk
Thu Jul 10 17:43:03 UTC 2008
On Thu, 2008-07-10 at 17:57 +0100, Mark P. Conmy wrote:
> > Given shell access to the box I could get Wordpress upgraded (assuming
> > not too much weirdness in the setup/permissions), and I'd put it on my
> > Wordpress upgrade procedure so I'd keep it up to date in future (yes I
> > have a procedure, I have rather a lot of Wordpress sites that need
> > update rather too often *sighs).
>
> Oh, there's weirdness, not least being safe_mode.
Ok, I'll see how far I get then. Have worked with php safe mode before.
>
> Personally, I would prefer PHP was avoided.
I can understand. I think the first step should be to upgrade Wordpress
as it should be relatively painless to do and will give us time to
decided what to do next.
>
> > Not sure how we can go about you trusting me to give me access though
> > Mark as we don't know each other so well. Dave moreso perhaps, but we
> > haven't swapped gpg keys or anything :/
>
> I can pass on the password on Monday in person.
Great, thanks Mark.
In the mean time we could be re-exploited, but we can just remove the
content again. Not sure what the exact bug is, but if manage to spare 5
minutes in the mean time you could remove the xmlrpc.php file from the
wordpress root (it's usually to blame and is hardly necessary at all).
John.
More information about the Wylug-admin
mailing list