recently my wp site (brand new, no plugin or theme) get hack thru akismet, become UK bank phishing site .... i wonder why akismet is so weak ? btw anyone facing this problem
Hey skabt, I don't think it has anything to do with Akismet. The akismet plugin is most powerful anti-spam solution available for WordPress. If you still think Akismet is culprit here, then check out GASP anti-spam plugin - http://www.wpkube.com/confirm-you-are-not-a-spammer/
Do you have been update your Akismet version? Or you can combine with another spam blocker plugin to get powerful performance.
yes is akismet else have to be wp already . . . . cause the site is fresh install, nothing done .......
report from hosting, script injected thru akismet : email : We run some checking and would like to update you on the reason of the injected script. 196.29.210.100 - - [21/Oct/2012:00:53:06 +0800] "GET //wp-content/themes/Webly/cache/s.php?x=img&img=ext_css HTTP/1.1" 200 570 "http://propertyagent.my//wp-content/themes/Webly/cache/s.php?x=ls&d=%2Fhome%2Fproperty%2Fdomains%2Fpropertyagent.my%2Fpublic_html%2Fwp-content%2Fplugins%2Fakismet&sort=0a" "Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1" As you can see, akismet plugins were injected and make changes through the page: http://propertyagent.my//wp-content/themes/Webly/cache/s.php s.php is the backdoor script that used by the attacker to upload the malicious script. Its recommended to change your used theme on your page, as obviously there is vulnerables on the theme 'Webly' you using.