6 Comments

  1. Pete
    Feb 20, 2007 @ 08:41:54

    Did you get any closer to the truth on this one? You can’t be that scared of K2 being hacked as you are still running it here and on your GF blog

    Reply

  2. carlo
    Feb 20, 2007 @ 09:49:35

    [quote comment="250"]Did you get any closer to the truth on this one? You can’t be that scared of K2 being hacked as you are still running it here and on your GF blog[/quote]

    I know how to fix it now so I just upload a replacement of the file. I also have a cron which uploads the files every 6 hours just in case. I can’t move away from K2 – I like it WAY too much.

    Reply

  3. Pete
    Feb 21, 2007 @ 04:53:37

    Hmm, but if there is a vulnerability with K2, shouldn’t we be looking to fix that rather than replacing the files every so often to cover it up?

    Reply

  4. carlo
    Feb 21, 2007 @ 08:51:01

    [quote comment="254"]shouldn’t we be looking to fix that rather than replacing the files every so often to cover it up?[/quote]

    Quite possibly. This said, I have implemented this measure as a safeguard. One thing I would suggest is the CHMOD the files in /wp-content/themes/k2/ so that it is unable to be written to.

    I personally enjoy CHMOD’ing all my files to 777 so I can make edits from inside WordPress, however, this is going to open these files up to attack.

    FYI, the files on the girlfriends website were NOT 777 (RWX all). Weird!

    Reply

  5. Zeo
    Feb 25, 2007 @ 20:59:52

    Wow! Is this for real?

    Reply

  6. carlo
    Feb 25, 2007 @ 21:29:27

    [quote comment="268"]Wow! Is this for real?[/quote]
    Yeah this is real and a little sad. I can see why these people can try to hack a major blog but my girlfriend’s is a teeny lil site that’s brand new. Kinda lame huh?

    Reply

Leave a Reply