WordPress hacked with the XSS UTF-7 • WordPress Help

Tags: injection, xss, wordpress

Today Jorge warned me that his site had been hacked by a really strange method which replaced the code of the " title " of his WordPress with a cryptic text string and, incidentally, had changed the encoding of the site to UTF-7, among other niceties.

After the initial scare, and a few searches and calls to his hosting provider, he has been given the problem and the solution.

The visible part of the hack may vary, and this Google search turns up several examples of what your site can look like once it is at the mercy of attackers, but the worrying thing was the change of encoding, which pointed to serious problems.

Well, looking here and there, Jorge has found more than one WordPress user to whom this had happened, like this one or this other one, where there was already an analysis of where the shots could be coming from. And the culprit seems to be an Apache XSS vulnerability which would allow the encoding to be changed, which is what they were getting at in WordPress Answers.

The fact is that this is causing quite a debate in the Unix and Apache forums, because there are those who say that the problem is Internet Explorer, but the reality is that the site is hacked, whatever they say.

The vulnerability would be something like this:

    1. Someone submits a comment of the type +ADw-script+AD4-alert(+ACI-Hello+ACI-)+ADw-/script+AD4- (the UTF-7 encoding of <script>alert("Hello")</script>). It passes every validation.
    2. The database expects all incoming data to be UTF-8 and treats it as such. Since a UTF-7 string is plain ASCII and therefore also valid UTF-8, it causes no SQL error, and neither mysql_real_escape_string nor htmlspecialchars touches it: there is no literal <, > or " in it to escape.
    3. WordPress (or the server) sends a header of the form text/html;charset=utf-7.
    4. WordPress displays the comment exactly as stored, but since the browser now treats the page as UTF-7, the shift sequences decode back into tags and the JavaScript is executed.

The fact is that most browsers do not support UTF-7 and will show the string literally as UTF-8 or Windows-1252, but the possibility of someone hacking the site by running code this way is there.
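To make the four steps above concrete, here is an added example (not code from the post or from WordPress) that walks the quoted payload through each stage in Python. The `store_comment` function is a stand-in for the `htmlspecialchars`-style escaping the post mentions, `render_as` shows the same stored bytes under the two charsets, and `charset_is_safe` / `contains_utf7_shift` are hypothetical checks a site owner could add; the payload and header values are constructed for the demonstration.

```python
import html
import re
from typing import Optional

# Constructed sample payload, the one quoted in the post with the spacing
# removed. +ADw- +AD4- +ACI- are UTF-7 shift sequences for '<', '>' and '"'.
PAYLOAD = '+ADw-script+AD4-alert(+ACI-Hello+ACI-)+ADw-/script+AD4-'


def store_comment(text: str) -> str:
    """Stand-in for the PHP-side escaping the post mentions (htmlspecialchars).

    The payload contains no literal <, >, " or ', so escaping leaves it
    untouched and it is stored in the UTF-8 database exactly as submitted.
    """
    return html.escape(text, quote=True)


def render_as(stored: str, charset: str) -> str:
    """What the browser sees: the stored UTF-8 bytes, interpreted under the
    charset the HTTP response declared."""
    return stored.encode('utf-8').decode(charset)


def declared_charset(content_type: str) -> Optional[str]:
    """Extract the charset parameter from a Content-Type header value."""
    m = re.search(r'charset\s*=\s*"?([A-Za-z0-9._-]+)', content_type, re.I)
    return m.group(1).lower() if m else None


def charset_is_safe(content_type: str) -> bool:
    """Hypothetical check for the fix the post points at: the response must
    declare UTF-8 explicitly. A missing charset is unsafe too, because the
    browser may guess (old Internet Explorer could guess UTF-7), and any other
    declared charset reinterprets the stored bytes."""
    return declared_charset(content_type) in ('utf-8', 'utf8')


def contains_utf7_shift(text: str) -> bool:
    """Heuristic server-side check for a UTF-7 shift sequence ('+' followed by
    modified base64 and a terminating '-') in a comment that should be UTF-8.
    Use it as a signal to reject or log, not as a substitute for declaring the
    charset; ordinary text such as 'x+1-2' also triggers it."""
    return re.search(r'\+[A-Za-z0-9+/]+-', text) is not None


if __name__ == '__main__':
    stored = store_comment(PAYLOAD)
    print('stored   :', stored)
    print('as UTF-8 :', render_as(stored, 'utf-8'))
    print('as UTF-7 :', render_as(stored, 'utf-7'))
    for hdr in ('text/html; charset=utf-7', 'text/html', 'text/html; charset=UTF-8'):
        print(f'{hdr!r:32} safe={charset_is_safe(hdr)}')
```

Run it and the stored comment is byte-for-byte the submitted string, harmless when rendered as UTF-8 and a live `<script>` tag when rendered as UTF-7. The only difference between the two outcomes is the charset the response declares, which is why pinning the Content-Type to UTF-8 matters more than any escaping of the comment text.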

Is there a solution?

Well, thankfully yes, and the first one, and don't say I haven't warned you many times, is to keep WordPress updated. In fact, this only happened to Jorge on the one WordPress he had not updated to the latest version, so now you know.

What does not fix the problem is changing the database encoding back to UTF-8, because you still wouldn't know where the attack came from, so I refer you to the previous sentence: look for an un-updated WordPress, yours or a hosting neighbour's (that's the bad part).

Once there, restore a recent backup and install the latest version from scratch to make sure the site is clean of any code that could have been injected using JavaScript. Follow the routine to protect WordPress from malware.

On the Apache side, to be calmer, there are several settings that can be made as well; talk to your provider to make sure.

And nothing more; perhaps Jorge will tell us how the matter went for him and point out some more detail, or you yourself if it has happened to you and you have reached better conclusions about this problem. I thought it important to share his problem and the solutions found so that you are warned and put countermeasures in place.

NOTICE: this publication is from two years ago or more. If it is code or a plugin it might not work in the latest versions of WordPress, and if it is a news story it might be obsolete. So don't say we haven't warned you.


You may also find this useful:

2,400 double-layer Blu-ray discs to store a year of the WordPress community

If you wanted to store all the publications created in a single year by the WordPress community you would need 2,375 double-layer Blu-ray discs, which is no small thing.

This is one of the figures compiled by Broadband Choices and included in an interesting infographic in which, among others, you can read these interesting facts:

WordPress 3.2 Requirements

Well, the new version, WordPress 3.2, is about to come out, and it will bring important news and, what matters most at the moment, new requirements.

WordPress 3.2 brings server-level requirements, and browser usage recommendations based on the Browse Happy initiative. Take note:

WordPress HTML5 Plugins

Now, with most modern browsers moving towards HTML5, more and more plugins adapted to this new, and revolutionary, standard need to appear. So far there are not many, so here you have all the ones I have found, with a description of what they offer. Of course, it is advisable to update or switch to an HTML5-compatible browser; here is a comparison.

As you can see there are not many, but soon they will be legion. I hope this post has been useful in drawing your attention to the importance of HTML5 and, by the way, in getting to know some good plugins.

Show the Default theme to Internet Explorer 6

I hear from Andrés of a very cool trick to show the default WordPress template to visitors who still use Internet Explorer 6, so that they see our content properly even if they miss out on the aesthetic virtues of our chosen template.

To achieve this you just have to add the following to the functions.php file of your theme (template):

add_filter( 'template', 'serve_default_to_iesix' );
add_filter( 'option_template', 'serve_default_to_iesix' );
add_filter( 'option_stylesheet', 'serve_default_to_iesix' );

function serve_default_to_iesix( $theme ) {
    // IE6 identifies itself with "MSIE 6" in the User-Agent header.
    // The isset() guard avoids a notice when the header is absent (CLI, cron).
    if ( isset( $_SERVER['HTTP_USER_AGENT'] ) && strpos( $_SERVER['HTTP_USER_AGENT'], 'MSIE 6' ) !== false ) {
        $theme = 'default';
    }
    return $theme;
}


The controversy over the new emoticons for WordPress 2.9

These days I have been following the exciting controversy about the possible change of emoticons for WordPress 2.9. What was proposed was to replace the classics, which have accompanied us for so many years, with a new set of smileys. On this page you can see both.

The original idea was to substitute the classics in the WordPress core with the GPL-licensed Tango emoticons, in order to give this WordPress feature a fresh look, but the controversy arose on several fronts.

On the one hand there is the fact that an aesthetic change of this type should have been put to users as a poll, as has been done on other occasions. The question was raised of how the new emoticons would suit both veteran users (the majority) and new ones.

Another discussion was about including them in the core, which raised possible transparency problems with Internet Explorer, but, more importantly, the fact of incorporating a non-vital aspect, a matter of taste more than anything, into the core.

For now the discussion has ended in deadlock, with Matt's proposal to add a new internal plugin to change the emoticon set at the user's will.

Internet Explorer 8 and WordPress

Today Internet Explorer 8, the new version of Microsoft's browser, has come to light, and since many users are sure to rush to use it from now on, you should know that it may not display your WordPress properly … or even your bbPress forum.

If you want to avoid this bug in the new version of Internet Explorer (or of WordPress, depending on your point of view), you can add this line of code in the first lines of the header.php file of your active theme, or add it to the functions.php file (also of your active theme), or create a small plugin:

Of course, WordPress is not the only thing showing display problems with IE8; some other pages are not rendered correctly either. Have you noticed anything strange?

Transparency in all browsers using CSS

One of the hardships of any web developer is obtaining consistency in the presentation of content regardless of the browser. One of these inconsistencies is the way each browser handles the transparency of images and objects.

Well, if you want to apply transparency to an element regardless of the browser, you can get it by adding these CSS lines to it:

element {
    filter: alpha(opacity=50);                                             /* Internet Explorer */
    -khtml-opacity: 0.5;                                                   /* KHTML, earlier versions of Safari */
    -moz-opacity: 0.5;                                                     /* Firefox, Mozilla, Netscape */
    opacity: 0.5;                                                          /* Safari, Chrome, Opera */
    -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=50)";     /* Internet Explorer 8, thank you Andrés */
}

Of course, you must remember to replace " element " with the selector you are going to adapt, and also know that you can play with the different opacity levels (0.5 and 50 above) until you find the one that fits the look you want to achieve.

Browse Happy – Do not use Internet Explorer

The people at Automattic responsible for the development of WordPress never cease to amaze me. Today, taking a look at the main website, I found a curious link at the bottom of the page that invites you to Browse Happy.

Look, well, I don't know what the WordPress team recommends, but I have not used Internet Explorer for years and I chose to use Safari (on Mac) and Firefox (Mac and PC).