Tim Linden

I'm the CTO of TimTech, I love coding with PHP and MySQL.
I'm addicted to tracking clicks and email marketing.

I guess CloudFlare works

My apologies for any emails over the weekend from my blog. It appears someone somehow got into my blog. This may shock you but, I can say that CloudFlare works. Because, little secret, Friday I turned it off. Mistake!

This is why I keep wordpress and any freely available script off of our company websites. I know many people like to have a blog for their site. I like sites that have blogs that showcase their services. I even wanted to make one for Trck.me.

The mistake is to have something that can have vulnerabilities on the same account as your important sites. If they were to gain access to your files they could do big damange.

Now in my case it looks like they used a plugin bug to create a user account with publishing privileges. I’ve seen this kind of exploit mentioned numerous times in WordPress history. It may have happened to you. This kind of access means they were able to make posts, but they weren’t able to install software or what not.

In fact one of my pet peeves is this blog’s security doesn’t let me auto install things. Now I’m way thankful! Imagine if they could have had access. Well, I guess they’d only be able to mess up my splash pages LOL but it does make me realize all this auto stuff isn’t the best.

Anyways, it’s a good time for all of us to: Get CloudFlare for your blog (or even forums), Update all the plugins and themes you use, and delete all plugins and themes you don’t use. Many times people forget about the things they don’t use. Old plugins can have old exploits. So go ahead and delete them.

7 comments for “I guess CloudFlare works

  1. Anthony
    February 4, 2013 at 11:48 am

    Hi tim here is something i found about 3 months ago this may or maynot help! http://blogdefender.com/

  2. February 4, 2013 at 12:28 pm

    Hi Tim, that is an interesting experience. I have until now shied away from CloudFlare as I was left with the impression that it was a less than robust CDN, and that it could even degrade the quality of service. You had no negative experiences with it at all?

    • Tim
      February 4, 2013 at 12:41 pm

      The only negative was with our high traffic advertising sites. It works really well for blogs however.

  3. February 4, 2013 at 12:42 pm

    Hi Tim,
    I received about 5 posts that weren’t from you, I actually took a serious look at the first one that about skincream…in Turkish. LOL! Thanks for keeping us updated about what happened and potential bugs in stuff :)

  4. February 4, 2013 at 12:44 pm

    Sorry to hear this happened to you.. The net is still kinda like the old wild west. Lot of things out in the wild.

    Gosh I forget quite a bit of what I use at time… Just to much to do I guess.

    Thanks for the post..

  5. February 4, 2013 at 1:56 pm

    This explains a lot Tim. Thanks for letting us know.

  6. February 4, 2013 at 3:50 pm

    Hi Tim,

    At least you’re clever enough to fix everything and make sure it was all deleted.

    Hope that none of the bad links have spread and effected anything else. I had my twitter account closed for a week as it was linking to my site which was experiencing malware issues due to some nice hackers.

    Andrew

Leave a Reply