Thursday, April 14, 2011

Wordpress Servers Being Hacked

The title of the writing on the blog's "Security Incident". It is important, because the author is Matt Mullenweg, founder of WordPress, and is written in the official WordPress blog. In short, Automattic.com servers, which store data a number of services such as WordPress, Mullenweg burglarized and decided to be honest to the public.

On her blog, Mullenweg said, burglary to a number of servers Automattic occurred on Wednesday (13 / 4). He said the burglary was categorized "low-level (root) break-ins". That is, there is potential for anything on the server is accessed by the breaker.

For WordPress users, this is certainly not encouraging. In addition to WordPress, Automattic servers also store the codes and data partners such as Akismet, Gravatar, and others.

Automattic already studying how the burglary was carried out, and as far as what information is exposed to the breaker. And, "We have secured the entrance used by the accessor," says Mullenweg.

Mullenweg added, it considers the source code they have been exposed and copied. "A lot of our code is Open Source, but there are some sensitive parts of our code and our partners," he said. However, based on a thorough examination and audit system, the information exposed to the breaker apparently are limited.

Based on that, Mullenweg had no specific advice to users, in addition to again remind the basic security measures: use strong passwords, use different passwords for different sites, and if there has used the same password at other sites, replace password with the safer .

"We have taken preventive steps for a similar incident does not happen again," says Mullenweg.

Openness Mullenweg was welcomed by users. On page commentary, written a number of positive feedback, which in essence still felt confidence with WordPress because they are open.

The question: whether this burglary can only affect the blog at WordPress.com only, or also to WordPress which is stored on another server, such as personal blogs? Matt Mullenweg said, "Defrauding involves WordPress.org sites also, but not to the WordPress software that you have saved elsewhere."

No comments:

Post a Comment