~Beware of Permission 777~ [Existing Bloggers Pls Check!]

godsofchaos Peon

Messages:: 2,595

Likes Received:: 124

Best Answers:: 0

Trophy Points:: 0

#1

Beware of the permission 777 for any folder on your blog. It was discovered that a recent exploit will actually change your sitemap and images folder if you have 777 enabled for that.

What it will do is simply insert millions (and I mean million) of pages into a specific folder and change the sitemap (typically permitted with a chmod 777 due to google xml sitemaps easier way out) to show the pages towards the search engines. This essentially is really not visible by us as only a few of us ever check the sitemaps once it has been set up.

One way to check whether you have been hacked or not is simply by checking the size of your entire site, with the hackers already inside your site, the size of the entire site/blog should increase by around 50mb at times.

Also, when browsing through your folders either by cpanel or FTP, the total size of a folder is always shown. Typically the size of a folder should be around 4KB and no more. If a folder, any folder, is anything more than that then please friends do check out what is inside. Trust me, everyone is vulnerable to this because 99% of us do use Google XML sitemap or Cache plugins. (It is applicable for cache too since the cache folder needs the chmod 777 to work properly.)

So no matter how confident you are about security, please check again just to be sure. As a fellow blogger I dont anyone of you to suffer anything which none of you should suffer.

The rest is up to you!!!

Also please try and install wp-security scan and wp-exploit to be on the safer side of things.

Wp-Exploit Scanner takes a hell lot of time to scan, but I still think it is worth it. Wp-Security Scanner does it much quicker but it actually checks other stuffs.

My Nyn9 or 99 blog was actually hacked with this issue but thanks to God I saw it when it was actually taking place!!!

Best of Luck!!!!!!!