montana ranch

DIYthemes Website Hacked - Wordpress 3.0 Secure?

July 31st, 2010

The development company DIYthemes, who is known for the creating the popular Wordpress theme known as "Thesis", was hacked this morning around 11:00 am CST. I was referencing from their online manual when I was greeted with the default TwentyTen theme and 2 blog posts. The latest blog post had many links to miscellaneous websites.

DIYthemes hacked

The image below shows you that a hacked Wordpress site can also affect your listing in search engines like Google.

DIYthemes google search results

Wordpress doesn't have the best reputation of being secure and I've been victim to several Wordpress websites that have been hacked. This raises questions of a security hole in the newly released Wordpress 3.0, or DIYthemes web hosting security.

2 Comments

  • Mark Jaquith Mark Jaquith 08-02-2010

    I’ve never seen a website hacked by a hole in a then-current version of WordPress. It always is a theme, a plugin, another application, the hosting environment, or a compromised (or weak) password.

    There are no known vulnerabilities in WordPress 3.0.

  • Bransin Bransin 08-28-2010

    Mark, thanks for the clarification. Some more interesting news on 8 character password strength.

Comment to my Ramble

required

required and email kept private

Please enter the word you see in the image:

Follow me on Twitter

  • @derekallard agreed. Next step for me is to convince a client to upgrade EE2 for addon reasons. My pitch did not work before.
    01-23-2012 8:31 PM
  • Anyone at #eecms know how to make categories required using Safecracker?
    01-23-2012 6:47 PM
  • Wishing the #tron legacy movie was as good as the soundtrack.
    01-09-2012 10:41 PM
  • Enhanced some audio from a Vimeo video. Good song. http://t.co/BRS84dKs
    12-29-2011 2:41 PM

Other Good Stuff

Other Places I'm Located