Wordpress Plugins

These days I am dealing with some infected files on my sites. I have seen that this bot is inserting two iframes into files whose names contain "index", "default" or "home". On this blog the infected files were /index.php, /wp-admin/index.php, /wp-admin/index-extra.php, wp-includes/default-filters.php and /wp-content/themes/../index.php. All of these files contained the two iframes pointing to the two .cn sites. It looks like a vulnerability on the server, since all sites hosted on the same IP were modified.

So the fastest method to repair it is to replace the infected files containing the malicious code with clean files from a default installation, or to open them in an editor and clean them manually. After that, the website has to be secured by adding a .htaccess file with rules to block the malicious visitors and, of course, by installing some useful plugins such as a firewall and a file monitor.
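As an added example (not code from the original post), a small Python scan that implements the check described above: it walks a site tree, looks at the files whose names contain "index", "default" or "home" (or every web file with all_files=True), and reports any iframe whose host is not on an allow-list of the site's own hosts. The sample tree, file paths and hosts it builds are constructed placeholders.

```python
import re
import tempfile
from pathlib import Path
from urllib.parse import urlsplit

# File names the bot on this page went after: anything containing "index", "default" or "home".
TARGET_NAME_RE = re.compile(r"index|default|home", re.IGNORECASE)
# An <iframe ...> tag with a src attribute (quoted or unquoted).
IFRAME_RE = re.compile(r"<iframe\b[^>]*?\bsrc\s*=\s*['\"]?([^'\"\s>]+)", re.IGNORECASE)
SCAN_SUFFIXES = {".php", ".html", ".htm", ".js"}


def suspicious_iframes(text, own_hosts=()):
    """Return src URLs of iframes whose host is not in own_hosts (relative srcs are ignored)."""
    allowed = {h.lower() for h in own_hosts}
    found = []
    for src in IFRAME_RE.findall(text):
        host = (urlsplit(src).hostname or "").lower()
        if host and host not in allowed:
            found.append(src)
    return found


def scan_tree(root, own_hosts=(), all_files=False):
    """Walk root and return {relative path: [suspicious src URLs]} for files carrying injected iframes.

    By default only the file names the bot targeted are checked; all_files=True checks every web file.
    """
    root = Path(root)
    hits = {}
    for path in root.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in SCAN_SUFFIXES:
            continue
        if not all_files and not TARGET_NAME_RE.search(path.name):
            continue
        urls = suspicious_iframes(path.read_text(encoding="utf-8", errors="replace"), own_hosts)
        if urls:
            hits[path.relative_to(root).as_posix()] = urls
    return hits


def demo():
    """Build a constructed WordPress-like tree and return (targeted-name scan, all-files scan)."""
    root = tempfile.mkdtemp()
    clean = "<?php\n// clean file (constructed sample)\nadd_filter('the_content', 'wptexturize');\n"
    injected = clean + '<iframe src="http://malware-host.example.cn/in.php" width=1 height=1></iframe>\n'
    legit = clean + '<iframe src="http://www.example.com/widget"></iframe>\n'  # own host, allowed
    files = {"wp-includes/default-filters.php": injected, "wp-admin/index.php": legit,
             "wp-content/plugins/someplugin/main.php": injected}  # name not targeted by the bot
    for rel, body in files.items():
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body, encoding="utf-8")
    own = ("www.example.com",)
    return scan_tree(root, own), scan_tree(root, own, all_files=True)
```

The all-files pass is the one to run after a clean-up, since the bot's naming pattern is only what was observed here and an injected file with another name would otherwise be missed.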

The plugin Wordpress-Firewall is available to download here


Later on I will post a sample .htaccess file.


Here is a short list of sources of spam comments. This list can be used with the plugin WP-Ban.



Some blogs are receiving a lot of spam comments. One of the simplest ways to avoid wasting all your time deleting them and marking them as spam is to ban the IP. A nice plugin written by Lester Chan is WP-Ban.

Features:
» Ban users by IP, IP range, host name and referer URL from visiting your WordPress blog. It will display a custom ban message when the banned IP, IP range, host name or referer URL tries to visit your blog. You can also exclude certain IPs from being banned. Statistics are recorded on how many times they attempt to visit your blog. It allows wildcard matching too.

Download:
» WP-Ban 1.40 For WordPress 2.7.x
» WP-Ban 1.31 For WordPress 2.5.x And 2.6.x
» WP-Ban 1.20 For WordPress 2.1.x To WordPress 2.3.x
» WP-Ban 1.00 For WordPress 2.0.x

Screenshots:
» http://lesterchan.net/wordpress/screenshots/browse/wp-ban/

Development:
» http://dev.wp-plugins.org/browser/wp-ban/

Translations:
» http://dev.wp-plugins.org/browser/wp-ban/i18n/

Support Forums:
» http://forums.lesterchan.net/index.php?board=10.0