Posted by David Westbrook on Tuesday, September 13, 2011

If you’ve been pulling a Rip Van Winkle for the last month, or you just don’t follow WordPress news that closely, you may have missed the fact that a script called TimThumb, which is not part of core WordPress but is used in lots of plugins and some themes, has a vulnerability that has allowed thousands of sites to be hacked. What the hackers are basically doing is redirecting your visitors to other sites, from which malware is then downloaded onto the visitors’ computers.

If your site is hacked, things can get a lot worse. Once they gain access to your files, the hackers are changing other files besides the TimThumb files to give themselves a backdoor through which they continuously reinsert their redirects, which are generally placed in your site’s .htaccess file. Finding these backdoors can be hugely time consuming and costly.

Here an ounce of prevention is worth much more than a pound of cure. Finding out whether you have the TimThumb script on a WordPress site has been made much easier with the TimThumb vulnerability scanner plugin, which can be downloaded here at WordPress.org. Just install the plugin, activate it, and go to “Tools” in your dashboard to find the link to run the scan. The scan basically looks for files named either timthumb.php or thumb.php and then checks the version number of the script. If it finds that the version is below the most recent, it will give you the option to update that file to the latest version, which plugs the vulnerability. Five minutes of your time that could save you hours and hours of headache and frustration.
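For anyone who would rather run the same check from the command line (for example across several sites on one server), here is an added example of that scan logic in Python; it is not the scanner plugin’s own code. It assumes TimThumb states its version in a `define ('VERSION', ...)` line near the top of the file, and the `LATEST` value is a placeholder you must set to the current release.

```python
import os
import re
import tempfile
from pathlib import Path
from typing import List, NamedTuple, Optional

TIMTHUMB_NAMES = {"timthumb.php", "thumb.php"}  # the two filenames the post says the plugin looks for
LATEST = "2.8.10"  # placeholder: set this to the current TimThumb release before use
# TimThumb states its version with a PHP define near the top of the file; the constant name and
# layout matched here are an assumption, so adjust the pattern if your copy differs.
VERSION_RE = re.compile(
    r"""define\s*\(\s*['"]VERSION['"]\s*,\s*['"]([0-9]+(?:\.[0-9]+)*)['"]\s*\)""", re.I)

# One result per file found; version is None when no version define could be parsed.
Finding = NamedTuple("Finding", [("path", str), ("version", Optional[str]), ("outdated", bool)])


def parse_version(php_source: str) -> Optional[str]:
    match = VERSION_RE.search(php_source)
    return match.group(1) if match else None


def is_outdated(found: str, latest: str) -> bool:
    # Compare dotted versions numerically: 1.32 < 2.8.10 and 2.10 > 2.8 (a string compare gets both wrong).
    def as_tuple(v: str):
        return tuple(int(part) for part in v.split("."))
    return as_tuple(found) < as_tuple(latest)


def scan(root: str, latest: str = LATEST) -> List[Finding]:
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):  # walk the whole WordPress tree
        for name in filenames:
            if name.lower() not in TIMTHUMB_NAMES:
                continue
            path = Path(dirpath, name)
            version = parse_version(path.read_text(errors="replace"))
            # A copy with no parseable version is flagged too: it needs a manual look.
            findings.append(Finding(str(path), version, version is None or is_outdated(version, latest)))
    return sorted(findings)


def demo_scan(latest: str = LATEST) -> List[Finding]:
    """Scan a constructed plugin/theme tree: one current copy, one old copy, one with the define stripped."""
    samples = {  # constructed sample files, not taken from any real site
        "wp-content/plugins/demo/timthumb.php": "<?php\ndefine ('VERSION', '2.8.10');\n",
        "wp-content/plugins/other/timthumb.php": "<?php\n// version define removed\n",
        "wp-content/themes/demo/thumb.php": "<?php\ndefine ('VERSION', '1.32');\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True)
            target.write_text(body)
        return [f._replace(path=os.path.relpath(f.path, root)) for f in scan(root, latest)]
```

Point `scan()` at a real document root to list every copy; anything reported as outdated (or with no version at all) should be replaced with the current release, just as the plugin offers to do.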


Categories: Tips