Author Topic: WordPress vulnerability  (Read 769 times)
« on: September 14, 2009, 02:16:15 pm »

If you are running a version of WordPress older than 2.8.4, your site is vulnerable to attack.

Please protect your website immediately! Upgrade to the latest version of WordPress.

Here's how to upgrade:

1. Go to http://login.cruzio.com/

2. Enter your Cruzio administrative login and password (not necessarily the same as your WordPress login and password) and click "Log In."

3. On the Plesk Login page, enter your login information again and click "Login" to be taken to your domain's control panel.

4. In the "Custom buttons" section, click the "Installatron Applications Installer" button.

5. Find WordPress in the list. To the right of it, click on the button "Upgrade to 2.8.4".

6. On the first two pages, click "Next." On the third page, find the line in bold labeled "Backup". Make sure "Yes, create a backup and let me choose what will be included in the backup" is checked. Below, you will see a list of files that will be in the backup. Click "Next".

7. Keep clicking the "Next" button until it gives you the message "Installatron is ready to upgrade." Then click "Submit".

8. When the upgrade is done, click the "Complete" button.

You will now have the latest version of WordPress installed on your website.

Be sure to look at your site after upgrading to make sure there aren't any problems. If you use third party WordPress plugins, you may have to upgrade them so that they continue to work properly.

To learn more about keeping WordPress secure, visit:
http://wordpress.org/development/2009/09/keep-wordpress-secure/

If you have any other questions or concerns, please don't hesitate to contact us.
« Last Edit: September 14, 2009, 02:47:01 pm by Español » Logged
« Reply #1 on: September 14, 2009, 02:17:47 pm »

This WordPress worm installs a dangerous back door to your site by creating extra admin-level WordPress users. To find out if you have extra admin users, and to remove them:

  1. Go to login.cruzio.com.
  2. Enter your Cruzio administrative login and password (not necessarily the same as your WordPress login and password) and click Log In.
  3. On the Parallels Plesk Control Panel page, enter your Cruzio administrative login and password again. Click Login.
  4. In the Domains section, click the name of the domain you want to check.
  5. In the Services section, click Databases.
  6. Click the name of the database you want to check.
  7. If your browser has a pop-up blocker, turn it off. Then click DB WebAdmin.
  8. In the phpMyAdmin window, look at the left pane. You should see a list of the tables in your WordPress database. Click the link called wp_users.
  9. In the right-hand pane, near the top, click Browse. You should now see a list of your WordPress users.
  10. Examine the list of users for extra admin users. One typical hacker-created user is WordPress, with a user_url of www.com. Others may use part of your original admin's email address or display name as the user login.

    If you're not sure which users are legitimate and which are hacker-created, compare the ones you see here to the list you see when you log in to your WordPress administration area and go to the Users screen. Hacker-created users will typically not appear at all in the WordPress admin Users screen.

  11. In the phpMyAdmin screen, delete the hacker-created users by clicking the red X icon next to each.

  12. Now that you've removed the unwanted users, change your own admin user password. In your WordPress admin area, visit Users -> Your Profile, go to the About Yourself section, and enter a new password twice. Choose a strong password! Click Update Profile to save your new admin password.
« Last Edit: September 14, 2009, 02:48:23 pm by Español » Logged
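
The check in steps 8 to 10 of the reply above can also be run as one read-only query from the SQL tab of phpMyAdmin. This is an added example, not part of the original posts. It assumes the default `wp_` table prefix and WordPress's standard `wp_usermeta` keys `wp_capabilities` and `wp_user_level`, so a site with a different prefix must change both the table names and the key names.

```sql
-- Added example: list every account that holds admin rights in the database,
-- whether or not it shows up on the WordPress admin Users screen.
-- Assumption: default table prefix "wp_"; adjust table names and meta_key
-- values if your install uses another prefix.
SELECT
    u.ID,
    u.user_login,
    u.user_email,
    u.user_url,
    u.display_name,
    u.user_registered,
    cap.meta_value AS capabilities,   -- serialized role list
    lvl.meta_value AS user_level,     -- legacy level, 10 = administrator
    CASE
        -- The two indicators named in the post: login "WordPress",
        -- user_url "www.com" (with or without the http:// prefix).
        WHEN u.user_login = 'WordPress'
          OR u.user_url IN ('www.com', 'http://www.com')
        THEN 'matches indicator from the post'
        ELSE ''
    END AS note
FROM wp_users AS u
LEFT JOIN wp_usermeta AS cap
       ON cap.user_id = u.ID AND cap.meta_key = 'wp_capabilities'
LEFT JOIN wp_usermeta AS lvl
       ON lvl.user_id = u.ID AND lvl.meta_key = 'wp_user_level'
WHERE cap.meta_value LIKE '%administrator%'
   OR lvl.meta_value = '10'
ORDER BY u.user_registered DESC;      -- newest admin accounts first
```

Compare the rows returned with the accounts you recognize. An empty `note` column does not clear an account, since the post says other rogue users borrow part of the real admin's email address or display name.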