Archive for the ‘My Thoughts’ Category

Preventing Your WordPress Blog from Hackers – SQL Injection

Saturday, August 22nd, 2009

All about SQL Injection Attacks on WordPress

I am taking a short break from the Gimp Video Tutorial Series.  The last few days I have been in recovery mode after my site was hacked.  My site wasn’t coming up, and I couldn’t even get to the administration area.  It turns out (after much research) that the attack was an SQL Injection.  

Also called an SQL insertion attack, this form of hack is accomplished by inserting SQL database code into a web form or some other part of a site that runs on top of a database.  This may sound a bit complex, but it can have some dire consequences.

I am far from a security expert, but necessity is the mother of invention.  I have learned that if you have a Blog you need to become a mini security expert.  

So this "rogue" SQL statement is executed, causes your database to freak out, and allows the hacker to manipulate files and routines on your website that generally only you have power over. 

In my case the attack inserted code into all my index.php files.  The code was a type of redirection that, if it had been successful, would have directed visitors to another website (some site in .ru).  It turns out that the code was not inserted properly and just broke the index.php files and gave a WSOD (white screen of death) when my site was visited.

I fixed my site after the first attack, and within 24 hours I had another one.  Same files, same symptoms.  Nevertheless I appear to have recovered and am in the clear (for now).  Here are the steps I have taken to ensure the security of my websites:

1.  Make sure all directories and files have correct permissions set
  • Directories: 0755
  • Files: 0644

I believe one of my problems could have been directories and/or files set to 777, which allows others to write to them.

2.  Install Security Plugins for WordPress Installation

The Plugins I recommend are:

WP Security Scan – http://semperfiwebdesign.com
This plugin checks your installation for potential security holes
 
Wordpress File Monitor – http://mattwalters.net
File Monitor keeps track of any files that change and can send you an e-mail
 
Wordpress FireWall – http://www.seoegghead.com
This plugin acts as a firewall to prevent unauthorized activity.  This firewall will protect against SQL injection attacks.

I recommend visiting these sites for details.  These are great plugins that can provide peace of mind. 
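
The permission check from step 1 and the kind of change detection a file monitor performs can also be run from a shell on the server. The script below is an added example, not code from this post or from the plugins named above; it assumes a POSIX shell with `find`, `diff` and GNU `sha256sum`, and the function names and the `WP_ROOT` / `WP_BASELINE` variables are made up for illustration.

```sh
#!/bin/sh
# Added example: check a WordPress tree for loose permissions and changed index.php files.
# Function names, WP_ROOT and WP_BASELINE are assumptions made for this illustration.

# Step 1 check: report anything that is not 0755 (directories) or 0644 (files).
audit_perms() {
    # World-writable entries (the 777 case): other accounts on the host can modify them.
    find "$1" \( -type d -o -type f \) -perm -002 \
        -exec printf 'WORLD-WRITABLE %s\n' {} \;
    # Remaining deviations from the recommended modes.
    find "$1" ! -perm -002 \( -type d ! -perm 755 -o -type f ! -perm 644 \) \
        -exec printf 'NONSTANDARD %s\n' {} \;
}

# Hash every index.php (the files modified in the attack described above).
snapshot() {
    find "$1" -type f -name 'index.php' -exec sha256sum {} + | sort -k2
}

# Print index.php files that changed, appeared or disappeared since the baseline.
changed_files() {
    snapshot "$1" | diff "$2" - | sed -n 's/^[<>] [0-9a-f]*  //p' | sort -u
}

# Runs only when WP_ROOT is set, e.g. (constructed paths):
#   WP_ROOT=/var/www/blog WP_BASELINE=/root/index.sha256 sh wp-audit.sh
if [ -n "${WP_ROOT:-}" ]; then
    audit_perms "$WP_ROOT"
    if [ -f "${WP_BASELINE:-}" ]; then
        changed_files "$WP_ROOT" "$WP_BASELINE"
    elif [ -n "${WP_BASELINE:-}" ]; then
        snapshot "$WP_ROOT" > "$WP_BASELINE"   # first run: record the baseline
    fi
fi
```

Keep the baseline file outside the web root and take it from a known-clean copy of the site, so that it cannot be rewritten along with the files it describes.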

The bottom line is that it is not if your site gets hacked, but when.  You need to be prepared, and I hope that this post finds its way onto the search engines so that it can help others.

Let me know in the comments, or in an e-mail, of any additional precautions you take with your sites.

-Loren


Search Engine Optimization (SEO) Video Series – #1

Saturday, July 11th, 2009

Search Engine Optimization, or SEO as it is widely known, is a key concept that all webmasters and bloggers need to understand.  TheTeachingBox is proud to present a 5 Part Tutorial series on SEO.

I came across these videos a while back, and thought that they would be a good fit for Technology and Education.  Granted SEO Optimization is a bit more on the advanced side, but everyone could learn from these videos.

As with my other video series, I will present the 5 videos one at a time so that you are able to focus on the content and think about how you will implement the information on your own website.  As we cover each of the videos, I will make sure to include the links to all previous videos so that you can easily go back and review.

The presentation of these video tutorials is well done, and I was able to learn quite a few tips on how to make my Blog Posts pop to the top of the online Search Engines.  They are all in Flash (.swf) format and will open in a new browser window.  You should have the latest flash viewer to watch them, but if not, your browser should prompt you for the appropriate plugin download.

Search Engine Optimization – Video 1

In this first video you will get an introduction to the Top 10 On Site SEO Fundamentals and how to implement them on your site.  They include the types of HTML formatting, and content you need to make your pages and posts search engine friendly.  The running time for this video is around 24 Minutes. 

In this tutorial I learned about the Traffic Travis tool for Keyword Research and SEO.  He spends almost half of the tutorial talking about it.  It is free and could prove to be a very valuable tool in your webmaster arsenal.

The author of this video knows his stuff, and gives evidence.  Let me know what you think about this series in the comments, or send me an e-mail.  What are your favorite SEO tips and tricks?

If you are interested I can make the set available to you.  They are in .swf format and the .zip files are still quite large.  Drop me an e-mail and we can work something out.

-Loren

Update -
SEO is a top searched term; in one day I have gotten more pingbacks than on any other post I have made.  It is ironic that a post on Search Engine Optimization gives you a lot of exposure in the Search Engines!


A View into Education in the Future – 2025

Wednesday, July 8th, 2009

 

This is an interesting video I found the other day on YouTube.  It is titled "Education in 2025".  As an education professional I am always interested in how people think education will happen in the future. 

2025 is a long way into the future.  What do you think about this video?

  

Leave some comments and links to how you think the future of education will unfold.

- Loren


I have a new Article Published at Commercial Micro Manufacturing

Friday, June 5th, 2009

New Article Published!


This just in!  I have a new article published at Commercial Micro Manufacturing.  If you have followed TheTeachingBox you will see that this is actually my third article published in this magazine.  It has a worldwide readership of over 35,000 (which is pretty large for an engineering trade magazine).  OK, it’s not Popular Science, but it is a start ;-)

So stop by and give it a look.  It is a piece on the machine tool technology that is used to produce molds.  The magazine comes out of the UK, so they spell some words a bit differently.  A big thanks to Chris Young (the editor) for making me sound great.  I am certain his work is much appreciated by all engineers who submit to his publication.

Overcoming The Barriers in Micro Moulding

- Loren


Web 2.0 – The Perspective of an Educator

Sunday, May 24th, 2009


Much of the discussion surrounding Web 2.0 comes from internet marketers.  The opinions and input of the internet marketers are valuable because they are the ones seeking to reap the potential benefits of this technology.

I will provide a short but concise piece from my perspective as an Education Professional.  My thoughts about Web 2.0 are different because my goals are different.  I hope to provide an additional perspective which I hope adds to the available information and enhances the discussion of Web 2.0.

Tim O’Reilly is the indisputable authority on Web 2.0 and any discussion should refer back to the original scripture so to speak.  As I ponder the O’Reilly documents there are a number of points that I feel akin to as a Teacher and Educator.

I agree with O’Reilly that the web is a system.  His major points that define Web 2.0 show the web as a complex machine that consists of programs and applications all interacting with the people using the internet.  I feel that this is the “cold hard” mechanics of the internet.  Don’t get me wrong they are a valuable part of the internet, because without these mechanics it all doesn’t work.

As an Educator and Trainer I choose to focus on the Collaborative and Relationship aspects of Web 2.0.  For me, education is about learning, and collaboration is a large part of the teaching methods that I currently like to use.  Web 2.0 components enhance the collaborative way of learning.  For example, the ability to share documents through Google Docs and the use of Forums are tools that educators employ to help students learn in a collaborative environment.  Blogs are another tool that, when properly deployed, can provide valuable collaboration among peers.

The other part of Web 2.0 that interests me is the components that enhance relationships.  The relationships I form with my students in my role as a teacher are absolutely critical to the learning process.  Some argue that relationships are difficult to form in the online community.  I agree with this.  Relationship building online is Difficult, but NOT Impossible.  I feel that building relationships takes longer online due to the medium.  E-mail is the traditional and probably the slowest.  Applications like Twitter are the second tier, and the fastest is IM or online chat.  Nevertheless, whichever application you choose to use to build relationships, it takes time.  If you are not ready to dedicate the time it won’t happen.

My websites tend to be mostly informational, and I don’t sell products or information.  For me Web 2.0 is a hobby that I really enjoy.  I am an anomaly, as most of my friends online are business people.  They use the web to make a living.  My hope is to assist them and others in the quest for knowledge.  At this point in my life that’s all I want to do.  A wise friend told me, “build the relationships and the rest will follow”.

——————————————————–
About the Author:
Loren is a Principal Manufacturing Engineer by day, and an Education Professional by night. His engineering career has allowed him to have the roles of both engineer and Educator. He enjoys the study of instruction and training methods. He has a blog where he shares his thoughts on education and technology. Stop by and take a look at his latest projects. – http://www.theteachingbox.com.
