NextGEN Gallery For WordPress SQL Injection Vulnerability

created by Bob Morris


Have you found yourself the target of SQL malicious code injection in Wordpress? Are you using the NextGEN Gallery plugin for WordPress? Read on to find out how to respond and remove this threat.

Read more

How to identify a hacked WordPress website

created by Bob Morris


Have you been having issues with your WordPress site? Is it showing erratic behaviour, or perhaps your links are not working correctly? You may have been hacked. But how would you know? Follow the steps within this post to find and rectify these issues.

Read more

Thousands of websites affected by jQuery malware issue

created by Bob Morris


Here at FixHacked we like to keep our ear to the ground on what is going on in the online security landscape. Sometimes however things can seem a little quiet and it is moments like this when it is good to highlight those hacks we may be well aware of, or those we believe we are protected against.

This time around we are going to focus on jQuery hacks, these fake injections have always been a popular method amongst hackers ever since jQuery went mainstream and became one of the most popular...

Read more

Wordpress Vulnerability Compromises Tens Of Thousands Of Websites

created by Bob Morris


I recently wrote about a zero-day flaw in Wordpress which allowed hackers to bypass the permissions/privilege limitations usually present, in order to view, edit, delete, and create posts on a Wordpress-powered site. As is the ‘norm’ with such ‘known vulnerabilities’, Wordpress did not initially disclose the vulnerability publicly, instead choosing to work on a fix with internet security research companies in order to create a patch which was released before disclosing the vulnerability.

Read more

The Art of Rejection of Content Injection

created by Bob Morris


Are you running a recent version of Wordpress? If you are using either version 4.7.0 or 4.7.1 you are at risk of being attacked via an exploit in the Wordpress REST API. If you have noticed some strange behaviour on your Wordpress site and you are unsure of how it came to happen, read on for advice on what this is and how to remedy the situation.

Read more

How to fix: “The site ahead contains harmful programs”

created by Bob Morris


Are you having problems with your website? Is there a warning page before accessing your site notifying you that “The Site Ahead Contains Harmful Programs”, The Site Ahead May Contain Malware” or even “Deceptive Site Ahead”? You may well have been the victim of a malicious SQL code injection. To remedy this issue, read on for advice on how to not only remove the harmful programs, site-defacement suspicious links and malicious content, and in the process clean up your website.

Read more

How to fix a hacked vBulletin forum

created by Bob Morris


Do you run a forum powered by vBulletin? Have you recently been the victim of a hacking attack on your site which has compromised user access, as well as their data? Read on for advice on how to not only fix your hacked vBulletin forum, but also how to harden it to further hacking incidents.

Read more

A Helpful Guide to Fixing a hacked website

created by Bob Morris


If you have ever found that your Wordpress website has been hacked, or it has recently been hacked would you know what to do in such an instance? In the following article we show you how to wrestle back control of your website and put in place measures to reduce the risk of it happening again.

Your online business is doing really well, many of your products are selling at a steady clip and feedback on your service is very positive. A sense of ease pervades and you are able to put your feet up,...

Read more

Auditing Your Website Security

created by Bob Morris


I’ve been blogging now for over five years, but writing online in some capacity for around twelve years or so. During this time, I have learnt so many things about blogging platforms, those which thrive and those which falter. The CMS (Content Management System) of choice is now undoubtedly Wordpress, whether you are a small-time blogger, small-business owner or massive conglomerate.

Pretty much everyone is onboard with this website-building platform, it is open-source, free-form and a...

Read more

How To Audit Your Web-Application Security

created by Bob Morris


As Wordpress has grown over the years (exponentially so), it has evolved from a simple blogging platform, to a CMS (Content Management System) and more recently as a cheaper method of Web Application Development. What this means to you (and me) as both a site user and content creator is that as it’s ease of use and functionality has grown, so has the complexity and resulting security threats… to an extent.

In this article I am focussing specifically on how to audit your web applications and...

Read more

Scanning Your Wordpress For Malware

created by Bob Morris


Recently I was chatting with one of my friends who is interested in creating a Wordpress site. He is quite new to the whole process and was using his site to sell golf handbooks for the European and US PGA tours. 

However he recently had an issue with malware (malicious software) and this was not only impacting the trade he could do through his site, but it had brought his productivity to a complete halt. Now me being the wonderfully helpful and salubrious chap that I am, felt it would only...

Read more

How To Maintain Your Wordpress

created by Bob Morris


When was the last time you took your car for a good service? Changed light bulbs in your house for some energy saving ones? Or even applied some more thermal paste to your CPU (Central Processing Unit)? My point is, everything needs ‘maintaining’, updating, refurbishment and upkeep to ensure that everything is running as required without any major issues. The same applies to your Wordpress, to be honest with you… it’s been a while since I too have done so myself, so it was only right that I...

Read more

Those Dreaded Words - “This Site May Have Been Hacked”

created by Bob Morris


Have you ever done a google search for a website only to be greeted to the following message, ‘This site may have been hacked’? That’s never a great thing, in fact it’s a truly abhorrent thing to happen. This warning is applied to your Wordpress site, when it has been compromised by hackers and users could be infected by malware, or even redirected to another site. 

It drives people away from visiting your Wordpress site, current users will be wary of using your site due to security issues...

Read more

Oh Plums… You Have Been Hacked!

created by Bob Morris


Things have been going swimmingly (read: very well) for your Wordpress site, not only have you managed to update with some fantastic reads lately. The site readership is going up, your social-media presence is growing at a steady clip and all feels right with the world. You feel almost, should we say, “Proud”. You give yourself a pat on the back and arrange a long overdue night out with your friends, heading out to grab some drinks and devour some Tapas.

It’s a lovely evening, the wine is...

Read more

Scanning Your Wordpress Database for Malware

created by Bob Morris


Like me you may have heard the horror-stories, a website you use has been compromised by the work of a hacker who has inserted malicious code into a website and used this to gain control to the website, or the websites database.

Wordpress the most popular CMS (Content Management System), is often a victim of its own success and as such hackers tend to target the sites built using Wordpress, taking the opportunity to exploit the sites security… or lack of.

Malware in case you didn’t know is...

Read more