I've been dealing with a ton of problems lately with malicious content getting onto my WordPress sites and making everything run slowly. All of this could have been prevented, too. I heard of the security issue with the old TimThumb script but didn't do anything about it. Nothing was wrong with my websites, so why would I need to change anything... some really stupid thinking on my part. Your best offense against hacked sites is your best defense.
TimThumb is a PHP script that resizes images. It was bundled inside a lot of different themes and plugins, and old copies of it are exploitable: the original script could be tricked into fetching a "remote image" from an attacker's server and writing it into a cache directory under the web root, where it could then be run as PHP. That is how many sites got backdoored. The fix is to update the script, and because each theme or plugin ships its own copy, every copy on the server has to be updated, not just the one you happen to know about.
Here are some preventative steps to take:
- Always update WordPress. Each release fixes vulnerabilities, and the older your version is, the more publicly known holes an attacker has to work with.
- Check whether you have TimThumb on your site (look for timthumb.php and thumb.php inside every theme and plugin under wp-content, including ones that are installed but not active). The TimThumb Vulnerability Scanner plugin from the WordPress plugin directory will locate the copies for you and upgrade them.
If you think your website has malicious files on it, ask your hosting company to scan all your files and give you the list of what they found.
When I contacted DreamHost, I got tons of malicious files that I had to go in and manually delete or replace with clean files. I would suggest finding all files that are considered malicious and renaming the extension to .infected. This way, if it is a file WordPress needs, you still have that file; you just need to change it back.
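The two manual steps above (hunting down every TimThumb copy and checking its version, then quarantining suspect files by renaming them to .infected so they can be put back) can be scripted. The following is an added example written for this page, not code from the post, from TimThumb, or from any plugin. It assumes TimThumb's version line has the form `define ('VERSION', '2.8.14');` (the 2.x style) or `$version = '1.x';` (assumed for older copies), treats anything below 2.0 as outdated (an assumption; set MIN_SAFE_VERSION to the current release when you use it), and builds a small constructed wp-content tree in a temp directory so it runs offline:

```python
"""Find TimThumb copies under a WordPress tree, flag outdated ones, and
quarantine files by renaming them to .infected (restorable)."""
import re
import tempfile
from pathlib import Path

# Assumption for this example: anything below 2.0 (the 2011 rewrite that
# removed the exploitable remote-image fetch) is outdated. Raise this to the
# current TimThumb release when you use it on a real site.
MIN_SAFE_VERSION = (2, 0)

# 2.x files carry  define ('VERSION', '2.8.14');  Older 1.x copies are
# assumed here to use  $version = '1.x';  so both forms are accepted.
VERSION_PATTERNS = (
    re.compile(r"""define\s*\(\s*['"]VERSION['"]\s*,\s*['"]([\d.]+)['"]"""),
    re.compile(r"""\$version\s*=\s*['"]([\d.]+)['"]"""),
)


def parse_version(text):
    """Return the version as a tuple of ints, or None if no version is found."""
    for pat in VERSION_PATTERNS:
        m = pat.search(text)
        if m:
            return tuple(int(p) for p in m.group(1).split(".") if p)
    return None


def looks_like_timthumb(path, text):
    """Match by the usual filenames or by the script naming itself in its header."""
    return path.name.lower() in ("timthumb.php", "thumb.php") or "timthumb" in text[:4096].lower()


def scan_timthumb(root):
    """Walk root; return one record per TimThumb copy with its version and status."""
    found = []
    for path in sorted(Path(root).rglob("*.php")):
        try:
            text = path.read_text(errors="replace")
        except OSError:
            continue
        if not looks_like_timthumb(path, text):
            continue
        version = parse_version(text)
        # An unparseable version counts as outdated: unknown is not safe.
        outdated = version is None or version < MIN_SAFE_VERSION
        found.append({"path": str(path.relative_to(root)), "version": version, "outdated": outdated})
    return found


def quarantine(path):
    """Rename to <name>.infected so PHP stops executing it but the bytes survive."""
    src = Path(path)
    dst = src.with_name(src.name + ".infected")
    n = 1
    while dst.exists():  # never clobber an earlier quarantine of the same name
        dst = src.with_name(f"{src.name}.{n}.infected")
        n += 1
    src.rename(dst)
    return dst


def restore(path):
    """Undo quarantine(): strip the .infected suffix (and any collision counter)."""
    src = Path(path)
    if not src.name.endswith(".infected"):
        raise ValueError(f"not a quarantined file: {src}")
    dst = src.with_name(re.sub(r"(\.\d+)?\.infected$", "", src.name))
    src.rename(dst)
    return dst


# Constructed sample site (not real theme or plugin code) so the demo runs offline.
SAMPLE_FILES = {
    "wp-content/themes/old/timthumb.php": "<?php\n/* TimThumb script */\ndefine ('VERSION', '1.34');\n",
    "wp-content/plugins/gallery/thumb.php": "<?php\n// no version string at all\n",
    "wp-content/themes/new/inc/timthumb.php": "<?php\n/* TimThumb by ... */\ndefine ('VERSION', '2.8.14');\n",
    "wp-content/plugins/other/functions.php": "<?php\nfunction hello() {}\n",
}


def run_demo():
    """Build the sample tree, scan it, quarantine the outdated copies, restore one."""
    root = Path(tempfile.mkdtemp())
    for rel, body in SAMPLE_FILES.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)
    report = scan_timthumb(root)
    quarantined = [quarantine(root / r["path"]) for r in report if r["outdated"]]
    restored = restore(quarantined[0])
    return {
        "found": [r["path"] for r in report],
        "outdated": [r["path"] for r in report if r["outdated"]],
        "quarantined": [str(p.relative_to(root)) for p in quarantined],
        "restored": str(restored.relative_to(root)),
        "remaining_php": sorted(str(p.relative_to(root)) for p in root.rglob("*.php")),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

One caveat on the .infected trick: on Apache hosts that map PHP with `AddHandler`, mod_mime looks at every extension in a filename, so `backdoor.php.infected` can still execute as PHP. If you are on such a host, move quarantined files to a directory outside the document root (or deny access to them in .htaccess) rather than relying on the rename alone.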
A further step you can take is running the Sucuri Scanner plugin. It scans for malicious files and also hardens your WordPress install to help prevent future attacks.
I also started using Cloudflare on my sites, and they have a security feature which blocks hackers and malicious bots from even entering your site with a captcha page.