I’ve just upgraded various blogs I look after – including my own – to WordPress 2.8.5. This release is regarded as a ‘hardening’ release by WordPress themselves, and if you’re reasonably up to date the upgrade is a piece of cake – the automatic installer does it all for you.
It might also be a good time to take a look at your WordPress setup in general. Good practice for any website installation these days is that the less you have on a website, the fewer places there are for malware to hide, so one thing to do immediately is to remove any unused themes or plugins – use your FTP client to back them up if you can’t lay your hands on your originals. If you do decide to change theme or use the Plugins again, just reinstall them. Whilst there are some nasties that lurk in the ‘Default’ theme, it’s probably best to leave that installed because it gives you a fallback position if a Plugin breaks your custom theme.
If you have statistics running, take a good look at any ‘spikes’ in the page views. I use the WordPress stats package and find it perfectly adequate for my needs – which is basically stroking my ego to see if people are reading what I write. Looking at my page views, I noticed a spike over 3 days early last week – twice as many hits on the site as usual. Unless you’ve recently done a push for readership, or have blogged on a matter of wide interest, this can indicate a compromise of your site – as I found.
The stats package provides a list of the search terms that are used. Looking at things in more detail, I noticed that whilst the pages accessed were familiar to me, the search terms that were used to get there were most certainly not. ‘Girlfriends boobs’ is not something I tend to write about on this site!! Now, given that those terms must have been on the site somewhere to get the hit, I took a look at the logs provided by my hosting company, and also wandered around my site with FTP. Looking at the logs, I DID find evidence of some dodgy-looking links, buried in a sub-directory inside the WordPress installation, being accessed. However, checking with FTP revealed nothing – I realised that my upgrade to 2.8.5 had wiped out the evidence. I’ve not had any similar strange search terms showing up since then.
So – summing up:
- Keep upgraded.
- Remove anything you don’t need.
- Install some simple stats and watch Page Views for unexpected spikes. Get a ‘feel’ for the normal sort of readership levels of your site.
- Keep an eye on search terms used to get to your blog. If ‘odd’ search expressions turn up then start ferreting around. If you have a Google account, register your site with Google and keep an eye on unfollowable links, etc. Learn what logs are available from your hosting provider and use them.
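The two checks in the last points – a page-view spike and search terms that don’t belong to your site – can be run over your hosting provider’s raw access log as well as read off a stats plugin. Here is an added example of that (my own illustration, not part of the WordPress stats package) over constructed Apache-style log lines; the site vocabulary and the 2× spike threshold are assumptions you’d tune to your own blog.

```python
import re
from collections import Counter
from statistics import median
from urllib.parse import parse_qs, urlparse

# Constructed hits used to build sample Apache "combined" log lines; not real traffic.
HITS = [  # (day, path, referrer)
    ("10/Oct/2009", "/about/", "-"),
    ("11/Oct/2009", "/2009/upgrade/", "http://www.google.com/search?q=wordpress+2.8.5+upgrade"),
    ("12/Oct/2009", "/2009/backup/", "http://www.google.com/search?q=ftp+backup+blog"),
    ("13/Oct/2009", "/about/", "-"),
    ("14/Oct/2009", "/2009/upgrade/", "http://www.google.com/search?q=free+casino+bonus"),
    ("14/Oct/2009", "/2009/backup/", "http://www.google.com/search?q=cheap+watches+online"),
    ("14/Oct/2009", "/about/", "http://www.google.com/search?q=wordpress+plugin"),
]
SAMPLE_LOG = "\n".join(
    f'203.0.113.{i} - - [{d}:10:00:00 +0100] "GET {p} HTTP/1.1" 200 4096 "{r}" "Mozilla/5.0"'
    for i, (d, p, r) in enumerate(HITS, start=1))
# Words the blog actually writes about (assumed); a phrase outside it is worth a look.
SITE_VOCABULARY = {"wordpress", "upgrade", "plugin", "theme", "ftp", "backup", "blog"}

LOG_RE = re.compile(r'^\S+ \S+ \S+ \[(?P<day>[^:]+):[^\]]+\] "[^"]*" \d+ \S+ "(?P<ref>[^"]*)"')

def parse_log(text):
    """Yield (day, referrer) for every line in combined log format."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.group("day"), m.group("ref")

def daily_views(text):
    """Page views per day, the figure a stats plugin shows as 'Page Views'."""
    return Counter(day for day, _ in parse_log(text))

def spike_days(views, factor=2.0):
    """Days with at least `factor` times the median daily views: the 'spike' to investigate."""
    baseline = median(views.values())
    return sorted(day for day, n in views.items() if n >= factor * baseline)

def search_terms(text):
    """Search phrases taken from the q= parameter of search-engine referrers."""
    terms = []
    for _, ref in parse_log(text):
        q = parse_qs(urlparse(ref).query).get("q")
        if q:
            terms.append(q[0].lower())
    return terms

def unexpected_terms(terms, vocabulary):
    """Phrases sharing no word with the site's vocabulary: they only rank if injected content exists."""
    return sorted({t for t in terms if not set(t.split()) & vocabulary})
```

Pointed at a real log, `spike_days` flags the days to look at and `unexpected_terms` gives you the ‘odd’ search expressions to start ferreting around with.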
That’s my lesson for today on WordPress! As for the upgrade – 2.8.5 works like a charm and has no bad habits that I can find!