Wednesday, March 10, 2010

Subscribe to my full RSS feed

Follow me on Twitter

Defending Against A SQL Injection Attack

October 24, 2009 by Bill Hamilton
Filed under Other Rambling Thoughts

One of my sites came under a SQL Injection attack today. The attacker used the following to attempt to attempt access:

/wp/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),
666,CHAR(58))+FROM+wp_users+where+id=1/*
I have the SEO Egghead Wordpress Firewall and Lester Chan’s WP Ban plugin, so the notification of an attempt and the ability to block it were quick, but protection began early.
Changing the Admin User
The above [...]

Tags: attack, sql injection, WordPress

eNews & Updates

Sign up to receive breaking news
as well as receive other site updates!
Translate This Page
Plugin by Taragana
Quotes I Like
“It is literally true that you can succeed best and quickest by helping others to succeed.”
- Napoleon Hill
Recent Comments

Lane: I wish I could write half as well...
2132b0e86e: Hi! cool service!...
Bill Hamilton: I agree with you, Nadir. I had lead Scrum projects...
Nadir Khan: Your take on Scrum is spot on! but please understa...
Lynn: Wordpress Firewall is great. I saw on your Twitte...
Bill Hamilton: I'm glad to see you're picking up WordPress Firewa...
mrdthomas: Great post I am gonna download WordPress Firewall ...
Bill Hamilton: Glad to help, Thomas. My list in WP-Ban is current...
Thomas Winther: Hey, just wanted to thank you for bringing the WP-...
Bill Hamilton: Thanks for pointing out the Market Theme, AJ. I ha...
Tags

attack sql injection WordPress wordpress e-commerce Featured (2)
Other Rambling Thoughts (5)
Scrum (3)
Uncategorized (2)
WordPress (3)

WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.
Recent Tweets
- Bugs Dashboard: Bugs Dashboard is an example of our commitment to software quality. We designed a system that a.. http://bit.ly/nKQr8 02:04:25 AM November 10, 2009 from twitterfeed
- The Status Reporting Tool: We excel as a geographically dispersed global team of experts and our Status Reporti.. http://bit.ly/3wxV6v 02:04:24 AM November 10, 2009 from twitterfeed
- Agile Project Management: WMPNJ Software has extensive experience with project management using Agile technique.. http://bit.ly/1lQDqd 02:04:22 AM November 10, 2009 from twitterfeed
- NMKMS (Data Warehousing For Navy Medicine): WMPNJ Software has a great deal of experience in data warehousing. .. http://bit.ly/31JgTe 02:04:20 AM November 10, 2009 from twitterfeed
- New blog post: Forgotten Password Attack On WordPress http://bit.ly/2EazLC #wordpress 12:39:38 AM November 04, 2009 from Twitter Tools
Agile
AJAX
- Agile Ajax
- Ajaxian
CSS
- CSS Beauty News Feed
- Free CSS Templates
MySQL
- Planet MySQL
Oracle
Professional Development
Scrum
Web Development

Popular Searches

Archives