Recent hacks and wordpress - September 2009
September 18, 2009
FYI all svaha.com customers. Earlier today a site with an unpatched wordpress install resulted in us being hacked and used to relay spam for a short period of time. This, rightly, resulted in our mailservers IP address being promptly blacklisted by a number of 'Realtime Black List' (RBL) services used by many services, including AOL, YAHOO and other major mailservers. We immediately suspended the offending site and have filled out the appropriate forms requesting our IP address be removed from lists but this may take a little while longer for a few services to 'trust' us again. During that time you may receive some bounced mail. At this point there is nothing more that we can do to get our IP address trusted again besides wait. :(
The bigger issue at play here is the necessity of those of you using common web applications like wordpress, textpattern, drupal, joomla, oscommerce etc. to keep your installs up to date. In tonight's case this vulnerability was patched in Wordpress version 2.8.3 which was released earlier this summer. If you have a site using an older version of any piece of software and need assistance upgrading it please e-mail us at service@svaha.com and we will be happy to work with you on getting you up to date. If you have an older site running some software that you no longer wish to maintain let us know that too and we can assist you in disabling the site, archiving and backing up any important data.
Since all Svaha users, including us managing the server, share the same resources it's important that we all do our best to keep our sites as safe as possible. If you ever have any problems with your website or sending mail through our server please let us know ASAP. The sooner we are aware of a possible problem the quicker we can address it. When in doubt, please just drop us a note and ask. You can also call us at 888-997-8242.
We will be auditing all wordpress installs on our server in the next few days and will be sending out warning notes to anyone found running a vulnerable version. Please take these warning e-mails seriously, failure to address this vulnerability will result in suspension of your website. We realize this is a harsh response but we cannot afford to have our server abused.
Feel free to contact us with any questions. Thanks for your attention to this matter.
-Matt
Manager, Svaha LLC
latest news
- Svaha Update - Oct 2009 - New Server!
- Recent hacks and wordpress - Sept 2009
- Downeast Learning Cooperative
- Wordpress Class in Ellsworth, ME - April 2009
- Svaha Update - Jan 1 2008
- Svaha Update - September 2007
"Let us not be content to wait and see what will happen, but give us the determination to make the right things happen."