2018-01-30

Keylogging detected on 2,000 WordPress Sites

Keyboard in the Matrix    
The first version of this blog was a wordpress creation and I utilized numerous plugins and widgets to the point that I was happy and satisfied with both what I had done and how it looked on the web.

Being a chronic log reader, I would notice the various attempts at SQL injection and php scripting exploits — some of which were amusing and others simply annoying with their amateurish approaches and primitive control structures.

It was about that time when I began researching the exploits associated with wordpress sites in general and I felt that the community add ons were the root of the evil associated with hackability regarding that environment.

Later I realized that a big chunk of the problem was php itself. After all, if I can craft a sophisticated script in a half hour to toss you out permanently based on a number of triggers just how easy would it be for someone else to either gain access or assume control of MY site ?!

Nowadays I utilize only enterprise level implementations with web, content, and database servers which aren't nearly so commonplace as mysql or mssql, redhat or windoze — and the access portals are embedded within a number of encapsulating constructs of my own design to the point that I'm satisfied that I'm staying on top of the little hacker dudes out there to get me just because their little dumb asses think they can.

Suffice it to say that the road less traveled has made quite a bit of difference in the evolution of my web node to say the very least.