[wp-hackers] New (to me) Cracker Attempt
Chris Coggburn
chris at coggburn.us
Wed Aug 11 01:22:47 UTC 2004
That sounds like a good solution, and not really that hard to implement.
This should probably be added to wordpress asap...hmm
Brian Meidell wrote:
>
> install.php could time out by comparing it's creation date to the
> current time.
>
> /Brian
>
> Randy Peterman wrote:
>
>> I got a new query term from Google:
>> inurl: "/install.php"
>> <http://www.google.com/search?q=inurl%3A+%22%2Finstall.php%22>
>> Which concerns me, not because they can toy with my WP install, but
>> because it means that new people just thinking, "Let me try WordPress
>> out." may upload the files and then say, "I'll do that later." Later
>> could be too late as someone could have defaced their page. I know
>> this isn't a real threat to the 5 minute install, but it is in the
>> case of the n00b. Any thoughts?
>>
>> Regards,
>> Randy Peterman
>>
>>
>>
>> _______________________________________________
>> hackers mailing list
>> hackers at wordpress.org
>> http://wordpress.org/mailman/listinfo/hackers_wordpress.org
>>
>>
>
> _______________________________________________
> hackers mailing list
> hackers at wordpress.org
> http://wordpress.org/mailman/listinfo/hackers_wordpress.org
More information about the hackers
mailing list