4 Comments


  1. From WP2.5, it can use WP Core. Will this still need the folders to be set to 777 ? Nevertheless, this really is a very important plugin for installing themes save for the security downside.


  2. The most common cause of spam injections is being on a poorly configured shared server. Some other site on the server gets hacked, the hacker runs a script on the server that searches for and auto-hacks anything it can find, done.

    A properly secured shared server won’t have this problem. Hacking one site on the server will not give the person access to the whole of the server. A server that uses suPHP is a good first step towards this.

    So, my advice would be to find a webhost that actually knows what they’re doing when it comes to security. Oddly enough, one that I’ve found happens to be GoDaddy. Their shared web servers may be slow and overloaded, but they are indeed secure. I guess when you stick 3k users onto a box, you have a sudden need for real security. ;)


  3. What is needed is information on what should be the permissions for each folder in WordPress. And why, so when somebody changes something, he/she will know the consequences


  4. According to Otto, that means I need to change host. All my WP installations got infected some months ago, but I found the injection files and I got rid of them. It is not happening anymore thought.

Comments are closed.