Some major WordPress design flaws have led to widespread attacks on our and your servers. The only hope is reasonably long and strong passwords or WordPress security plugins. The first flaw. By default WordPress have enabled “feature”, when you visit your blog with author query string appended, it nicely reveals your usernames. For example, if …
Tag Archives: WordPress
Spammed by WordPress comment stealing bot with Facebook profile
Some time ago (1/2 year, may be 1 year) strange comments started to appear in our WordPress comment moderation queue. They all contained some random comments from random places, they all had the similar URL: http://www.facebook.com/profile.php?id=XXXXXXXXXXXXXXX where XXXXXXXXXXXXXXX is profile ID, that is changing from one comment to another. I didn’t click on the fake …
Continue reading “Spammed by WordPress comment stealing bot with Facebook profile”