How many times has WordPress been hacked?

Hello, this is TheresaJewel and I just deleted a second “blog post” that was pure spam. It was supposedly written to ask you for donations by Dr. Nguyen Duc Kien, the Chairman of the Hanoi FC Vietnam. According to Wikipedia, Dr. Kien does exist, but why is he asking for funding when he has a “personal fortune estimated at over $90 million US dollars“?

I looked through a few of the proposed links and found this junk posted on the blog(s) of another person or two in addition to both of mine.

How do people keep hacking WordPress? What is it about WordPress that allows such easy access? I’m 99.9% sure no person figured out my new password, because I changed it to something I need to look up every time I sign in.

I decided to create a poll. This is for anyone with a blog, but I definitely want to hear from all WordPress users.

After you vote, I would love to hear from anyone who can tell me how to stop this. If I can’t stop it, I may go back to Blogger or my Weebly.com site.

Thank you for your advice.

Related articles

• “You’ve Been Hacked” – WordPress Blog Security (mlmblog.net)
• Large Botnets Attack WordPress And Joomla (techweekeurope.co.uk)
• WordPress Hack: How To Deal With It? (konnectingu.com)
• Best WordPress Security Plugins (konnectingu.com)
• Find Out If Your WordPress Plugins Are No Longer In The Repository (And Potentially No Longer Safe) (business2community.com)

Sorry about that last post – now deleted

I originally checked in to explain my eight-day absence, but when I saw what had occurred on my blog, I became upset.

I’m angry and frustrated someone or something else (botnet?) wrote a post on my account without my permission. I am very sorry for the post on June 2, 2013 which is now deleted. It was not written or copied by me, nor would I willingly allow something like that on my blog.

From the “related articles” (Zemanta), I found I’m not alone. “Botnets” attacked thousands of WordPress blogs and apparently broke into hundreds of them. Perhaps the guides below will help others who had the same problem.

I suggest we install a security step which seems extremely simple to me. Why not build in a challenge question? You know the ones you have to answer before getting your password reset and/or sent to you in an email. We could choose a  question that no one else is likely to guess and be required to answer it before publishing a post. On the other hand, why isn’t there already a “Prove you are a human” challenge on WordPress? They are on almost every other website I ever visit.

 

Related articles

• 5 Lessons from the Recent Word Press Attack (madhulikabasu.wordpress.com)
• The Five-Step Guide to Better Social Media Security, Step 3: Take the Necessary Steps to Protect Passwords (business2community.com)
• Is Your WordPress Site Secure? (diamondwebsiteconversion.com)

Email Addresses

A lot of you have asked for my email address. I hoped there was a widget to put it on the side, but I didn’t find one.

Below are my three main email addresses, but please only use one of them. (I actually have more. No, I don’t know why.) Replies will come from the “t.j.pinkston.2007@gmail.com” address because it’s the main account on Microsoft Outlook.

• tjpinkston@netscape.net
• t.j.pinkston.2007@gmail.com
• jewel.ammons@gmail.com

 

Related articles

• 7 Ways to Get a Website’s Contact Information (iacquire.com)
• Convert the Mailto Hyperlinks into a Contact Form (arunbabyveranakunnel.wordpress.com)

How to leave a comment

I have received a few complaints about not being able to leave a comment on a post. On the other hand, there are more comments left which are singled out as Spam by Askimet. I’d like to address both problems.

First, I will deal with leaving a comment. If you can’t leave your feedback on a blog’s main page (mine or anyone else’s), please click on a particular post. Each post has its own distinct link and you can always write a comment at the bottom. In order for your feedback to be accepted (at least on most blogs), you must supply a link to your website. A person who isn’t a member of WordPress.com must also give an email address on a WordPress blog.

As I said, there are several people who have left comments but will never see them. Why? You followed the rules above, didn’t you? Your comment(s) are in the “Spam” folder because Askimet doesn’t allow links in your feedback and it doesn’t like websites that advertise a product or service. That’s a smart “Spam Filter” if you ask me.

Once in a great while, I will “Un-spam” a comment. However, the feedback must look legitimate to me before I will do so. Therefore, you shouldn’t expect me to “Un-spam” a comment which asks how to host a blog, how to “code”, or how to use SEO when your website says you work for a company that advertises one or more of those services.

What can you do if you want you truly want to leave a reply, but you are part of a company selling products or services? You can fill out the Comment Form below. Be sure to explain why I should make an exception to your otherwise “Spam” feedback that does not involve selling anything to me or to my followers!

Name(required)

Email(required)

Website

Personal Website

Why should I accept your comment?(required)

Comment(required)

Submit

Δ

Related articles

• Spammers use trackbacks, pingbacks, and reblogs (piedtype.com)
• Blog Comments and Pingbacks Explained (roundpeg.biz)
• Are You Making These 6 Fundamental Mistakes with Your Blog? (amsterdamprinting.com)
• How to Effectively Protect Your Site from Spam Attacks (business2community.com)