Is it always useful to be on the lookout for the signs of your blog being attacked, even if you do not think it has been attacked. These signs might just reveal an attack has taken place.

First, posts could be changed to display strange messages. This is in a way counter productive as it is quite often the first indicator that you have been attacked and why you notice the attack. If the messages weren’t there, you would never know about it. But it seems this is what the attackers want – you think you have cleaned up the attack but there is still something somewhere.

After this, executable files might be left on your server, which can install viruses onto readers’ machines or allow access for the hackers. If you know the date of the attack, look in your downloads directories for any files added since that date.

Another obvious sign is that your permalinks change and suddenly add a bit of code and strange characters. ‘eval’ appearing in your permalinks is a sure sign of an attack and is the attacker leaving a way of running hidden code through the links.

Lastly, you should also keep your eye on new user ids created. WordPress does email you if any new users are created, but it is easy enough for the attacker to change the admin email, add the new id (and receive the email confirmaton) and then revert the admin email. So check in case suddenly new admin ids are appearing.

And if you find any of the above it is not just a case of clearing them out as you will probably leave more parts of the attack elsewhere. If you find you have been attacked, it is down to those backups and reinstall the blog from fresh. Cleaning the damage might not remove it all.

Want to know how to do these or other security considerations? Come back again, or follow the blog security tag.

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

If you want to keep up with our latest posts, just follow us on our RSS feed, join our weekly newsletter or follow us over at Twitter. Please do join in - it is totally free and only the best posts are passed to you!

Also, leave a comment below. We are a 'DoFollow' blog, so it is well worth your time. Thanks for calling in.

Similar Articles You Might Like To Read:

    Related posts:

    1. Backing Up Your Blog In Case Of An Attack If someone sucessfully attacks your blog and gets admin access, then untold damage can be wreaked. So you need backups...
    2. Avoid Known Security Holes By Upgrading WordPress One of the reasons that new versions of WordPress are released is that security holes have been discovered and patched...
    3. Locking Down Your WordPress Admin Login If someone is going to attempt to attack your blog through brute force, a good password and an unusual admin...
    4. Ways Hackers Can Attempt To Attack Your Blog If you are worried about the security of your blog (and if you own a blog, you should be), then...
    5. Why Do People Attack Blogs? Why do people want to attack blogs? What are they getting out of it and where is the point? Well,...
    6. Create A New WordPress Administrator Renaming your WordPress blog administrator user is a huge security step, increasing the safety of your blog. So, what must...
    7. Protect Your Blog By Not Telling People Who Powers It OK, a very simple measure and it is quite easy in actual fact to work out that you are using...
    8. General Blogging Security Precautions Protecting your blog is more than keeping it up to date and using good strong passwords. There are general security...
    9. Choosing A New WordPress Admin Name If you want to make sure that you beat brute force hackers, then you must change your admin userid. Here...
    10. Protecting WordPress From Brute Force Hackers So, what can we do to protect out blogs from brute force attacks, where hackers just spend ages trying out...