WP Auto Upgrade security alert

Crystal_Clear_app_error Use WordPress and WP Auto Upgrade plugin? Pay attention. I spotted this thread recently while monitoring the WordPress forums. There is a possibility WPAU backup folder is being used as an entry point for hackers.

What you can do: If you’ve used WPAU, make sure you clean up your files after upgrading. If you’re not sure, log into your WordPress, navigate to WPAU, there should be a link to that says to click on it to clean up the log before proceeding. If there is no such link that means you have done it already. Another way to check is to use FTP to look into your wpau-backup folder.

You may also want to delete that folder once you’re done. I’m not sure if this will affect the plugin later on or not, my guess is no. If you’re not comfortable with deleting, move the folder to a non publicly accessible folder – usually outside the public_html. Alternatively, you may want to create an htaccess file inside the wpau-backup folder and enter this code in it, save.

deny from all

That will keep snoopers out of the folder. Consider also telling search engine robots to skip this folder when indexing by adding this to your robots.txt file.

User-agent: *
Disallow: /cgi-bin/

Do You Want A Hands-Free Business?

Then get this guide to help you systemize your business so you'll have more time working on your business.

!
!

Hey! I want to make sure you know what you're getting here. In addition to the guide, you will also receive our memo that includes special offers, announcements and of course actionable information.

Terms and Conditions checkbox is required.
Something went wrong. Please check your entries and try again.
Facebook Comments