Thread: Pls help - wordpress blog got hacked 3rd time since 1 year

  1. #1
    Junior Member
    Join Date
    Jun 2010
    Posts
    2

    Pls help - wordpress blog got hacked 3rd time since 1 year

    Hello. The WordPress blog hosted at Steadfast - hackstacks.com - is being hacked for the 3rd time in 1 year. I am using the latest version of WordPress and even the few plugins used are all updated. I have checked the file permissions and they are set to 644.

    But still the site got hacked and whacked and defaced. Though the passwords are long, more than 20 characters, the hacker managed to change the password to the WordPress blog.

    Will people at Steadfast or forum members please help as to what needs to be done? There is no listing of any security vulnerability in the latest version of WordPress or any other issues in the WordPress forum.

    How to safeguard the WordPress blog from the hackers who deface the site?

  2. #2
    Administrator
    Join Date
    Aug 2008
    Posts
    39

    Hi there,

    To note:

    1) Just because there aren't known vulnerabilities in your version doesn't mean an exploit wasn't used, and it's certainly what I'd expect.
    2) As I suggested, look in your access logs for the wp-admin access when it was hacked. You should be able to get an idea forensically of what happened just by tracking the user's page views.
    3) Is your actual database password secure? Have you remembered to change it after past compromises? Remember if they get full access to wp-admin, they also have access to your configs.
    4) I'd suggest you stay with it on the WP forums rather than here. Our forums are a nice way to post general non-urgent questions about our service and the Internet in general, but you're unlikely to get a better response from a very lightly used forum than at the official support venue of a wildly popular product.
    5) Finally, my answer to this is quite simple: stop using WordPress. It's a wonderfully flexible product but due to its ubiquity security issues are constant. Just updating to fixed code won't inoculate you against compromises, and given that the focus of the material you're publishing is security-based, you're begging someone to make a point by hacking it. I'd fully expect that it's the same guy with the courtesy to apply every new exploit all three times. The first step to preventing hacked sites is to know and manage your own code. You have a nice simple and elegant site that could be easily implemented and updated with simple HTML. It's pretty hard to hack markup text.

    If that's too much effort I'd still suggest a bit of security through obscurity by using a different CMS. We switched over to b2evolution for steadfast.net/blog for roughly the same reasons and have been satisfied.
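
Added example, not part of the original thread or of either poster's reply: one way to carry out the access-log review suggested in point 2 above, assuming the server writes the Apache/nginx "combined" log format. The sample log lines, the IP addresses and the 200/302 login-status heuristic are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed "combined" log format; adjust the pattern to your server's LogFormat.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
ADMIN = re.compile(r'^/(wp-login\.php|wp-admin(/|$))')

# Constructed sample lines (documentation IP ranges), not taken from a real log.
SAMPLE = """\
198.51.100.7 - - [12/Jun/2010:03:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 2310 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Jun/2010:03:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 2310 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Jun/2010:03:14:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Jun/2010:03:14:06 +0000] "GET /wp-admin/ HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Jun/2010:03:15:40 +0000] "POST /wp-admin/profile.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.20 - - [12/Jun/2010:03:16:00 +0000] "GET /2010/06/some-post/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.20 - - [12/Jun/2010:09:02:11 +0000] "GET /wp-login.php HTTP/1.1" 200 2310 "-" "Mozilla/5.0"
"""

def admin_sessions(lines):
    """Group wp-login.php / wp-admin requests by client IP, in time order."""
    sessions = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m or not ADMIN.match(m["path"]):
            continue  # unparseable line or ordinary page view
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        sessions[m["ip"]].append((ts, m["method"], m["path"], int(m["status"])))
    for events in sessions.values():
        events.sort()
    return dict(sessions)

def summarize(events):
    """Heuristic: a login POST answered with 200 re-rendered the form (failure),
    one answered with 302 redirected into wp-admin (success)."""
    logins = [e for e in events if e[1] == "POST" and e[2].startswith("/wp-login.php")]
    return {
        "failed_logins": sum(1 for e in logins if e[3] == 200),
        "successful_logins": sum(1 for e in logins if e[3] == 302),
        "admin_posts": [e[2] for e in events if e[1] == "POST" and e[2].startswith("/wp-admin/")],
    }

if __name__ == "__main__":
    for ip, events in admin_sessions(SAMPLE.splitlines()).items():
        print(ip, summarize(events))
```

Run against the real log, start from the time the defacement was noticed and work backwards; an address with no login entries but state-changing `POST` requests under `/wp-admin/` points away from password guessing and toward a stolen session or another entry point.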
