Svar: Min side wordpresside er blevet hacket har brug for hjælp

Frank Hellerup Madsen — Sat, 27 Aug 2011 09:30:45 GMT

Dejligt at høre. Husk at lægge en kommentar hos hr Eskelund, så han kan se, at hans skriv hjælper hos de uheldige.

Svar: Min side wordpresside er blevet hacket har brug for hjælp

Bigandtfotografi.dk — Sat, 27 Aug 2011 08:38:00 GMT

Tak for dit fremragende forslag.. der var noget ekstra i en config file men det var også det.. TUSIND TAK..... Jeg er kommet videre op mit site er åbent igen..

Mange hilsner

Mikkel

Svar: Min side wordpresside er blevet hacket har brug for hjælp

Frank Hellerup Madsen — Fri, 26 Aug 2011 22:00:55 GMT

Hej Mikkel,

Prøv evt. denne fremgangsmåde. Når jeg læser Frank Eskelunds beskrivelse, ser det ret simpelt ud.

Min side wordpresside er blevet hacket har brug for hjælp

Bigandtfotografi.dk — Fri, 26 Aug 2011 21:38:34 GMT

Hej,

Min hjemmeside (wordpress) er blevet hacket og nu imidlertidig blevet suspenderet at one.com.

Fejlen er at den er blevet hacket med timthumb det er det som har været sikkerhedsbristen.

Jeg har nogle fede kommentarer på min side hvorfor jeg IKKE vil reinstallere themaet..

Man kan få til min FPT..

Nedenstående kan man se problemstillingen.

Jeg er interesseret i at een kan hjælpe mig ASAP...

Kontakt mig endelig på mikkel@bigandtfotografi.dk

Mange hilsner

Mikkel

Hello,

You are receiving this email because you are an active member of ElegantThemes.com. In the past, our themes have used a popular image re-sizing script called Timthumb (http://www.binarymoon.co.uk/projects/timthumb/). The script is used by millions of sites and is quite popular in the WordPress themeing community. That being said, it was noted yesterday that a vulnerability exists within certain versions of the script (http://code.google.com/p/timthumb/issues/detail?id=212)

, and therefore this vulnerability may also exist in your theme (depending on when you last updated it). While that author has provided a fix, it is highly recommended that you update all of your EelgantThemes themes to their latest versions. The latest versions of our themes no longer utilize the timthumb script and therefore are not subject to this security hole.

Regardless of when you last updated your theme, I would strongly suggest that everyone update their themes to the latest version and insure that the timthumb.php file and your /cache folder have been removed. To update your theme and remove the file, simply delete your current theme via the Appearances > Themes section of the WordPress Dashboard. Then you can re-download the theme from the members area and re-upload it normally:

https://www.elegantthemes.com/members-area/documentation.html#installdashboard

The latest theme versions require that your thumbnail images be hosted on the same domain name where WordPress is installed. If you were previously using timthumb.php to allow external image source by editing the file’s $allowedSites array, then these thumbnails will no longer function.

Before updating the theme, make sure that you are using the latest version of WordPress. I would also disable all of your plugins temporarily before doing any update to insure that no compatibility issues exist. Remember to always keep WordPress, your Themes and your Plugins up-to-date to help protect yourself against any vulnerabilities.

This security flaw also applies to all of your inactive themes as well. If you have any theme, even if it is inactive, that contains the timthumb.php file then you are potentially at risk. I would suggest deleting all of the themes that you are not using in addition to updating the ones that you are. This file is very common throughout all WordPress themes, not just Elegant Themes.

I am sorry for any inconvenience this has caused.

Teknik, hosting & e-handelsløsninger

Svar: Min side wordpresside er blevet hacket har brug for hjælp

Svar: Min side wordpresside er blevet hacket har brug for hjælp

Svar: Min side wordpresside er blevet hacket har brug for hjælp

Min side wordpresside er blevet hacket har brug for hjælp