I know. Utterly surprising. But really, my site has been in a constant state of red alert for the last year, being the victim of several sql injections into my database with the wp-stats trojan, which is easily blocked by any malware detection tool on a computer but unfortunately, renders my site flagged by google. This means that anytime folk come to visit my site (especially on Firefox) they see a big sign (on Firefox 3 it’s huge and red) warning them that my site is a supporter of viruses.
The series of attacks, in conjunction with my lack of posting when trying to fix the problem has brought my readership down from about 250 a week to maybe 15. The attack seems to occur only to my wordpress section of the Bible Archive which supports the idea that there is a inherent vulnerability in WordPress even though I don’t know what it is.
What I’ve done so far is:
- rename all my wordpress tables to have strange characters in front of them (so that a scanner looking for “wp_” won’t find anything).
- put a security lock on my back end pages access (so I have to login twice to get there)
- used strong passwords for everything (so I have to look at a written out document to log in)
- prevented write access from certain folders in my backend (so going to a directory gives a warning)
- Contacted my hosting provider (to make sure there wasn’t something up with the server)
- Ran a site vulnerability program (showing no vulnerabilities)
- Tried to backtrack the IP’s that launch the attack (usually go back to a russian site)
But the attack still gets through. I’m trying to get the IP information but it seems to revolve between Russia and the Ukraine. I never had this problem with mambo/joomla. ::sigh::