WordPress Users – Upgrade NOW!

There is an ongoing attack on older versions of WordPress at the moment, you should update your WordPress to the latest version with immediate effect (currently this is version is 2.8.4 if you aren’t already aware),  WordPress have published a report on this attack.

If you don’t know which version you are using already – you should be able to find out in your dashboard, but don’t waste time checking please just upgrade.

By upgrading you know roughly how long an upgrade will take, fixing a hacked site can take weeks (and in some cases can even be irrecoverable!!).

If you are unable to upgade your WordPress yourself contact support for more information.

How do I know if I’ve been hacked?

There are two things you may notice:

  • Your permalinks, will work, but may look strange such as:
    example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/.

    The keywords you are looking for here are “eval” and “base64_decode”.

  • You may notice a second administrator added to your administrators (in the users section of WordPress) and you won’t be able to edit this user.

Preventing an attack:

Simple, upgrade – don’t try to hack around it, don’t use plugins to protect yourself, update your base code and upgrade now.

Fixing up after an attack:

Unfortunately this hack attacks the database as well, so simply re-uploading your files won’t fix your problems, you’ll need to do something far more involved (again, it’s easier to upgrade!):

  • Export all your content as XML
  • Backup general files (images/themes etc)
  • Remove all files
  • Re-upload the latest version of WordPress
  • Import the XML of your posts, pages and comments (and hopefully no hacked code!)

Again, we may be able to work on this for you if you need us to.

FAQ: Transfer or Update Nameservers?

This is a common question we hear during the order process…

“Should I choose to transfer my domain to you, or just update my nameservers?”

The answer is really down to you and how much control you have over your domain!

Transferring Domains

Transferring a domain means moving it from your existing domain supplier to BetterWebSpace, you will then contact BetterWebSpace for all domain renewals (and hosting renewals if you order hosting as well). Your domain supplier may charge you a release fee for doing this (BetterWebSpace do not currently charge a release fee to release domains!).

If you select this option you have two options:

  • Transfer your domain to under our control and then ask us to re-point it for you to it’s new location.
  • Ask your current provider to re-point it (if you need the change to happen quickly) and then transfer it to our selves.

Update Nameservers Only

If you choose to update your nameservers only, you’ll simply be re-pointing your domain from it’s existing location to our servers. You will continue to contact your existing domain supplier for domain renewals and BetterWebSpace for hosting renewals. There is normally no charge for this.

14 Days to Go!

Pricing Changes

As we reported last month, our prices will change on the 1st September 2009, we’ve had several questions on this so I aim to clarify those here:

  • Will my price increase?
    No they won’t if you don’t change anything you will continue to pay the same price you always have.
  • What if I want to upgrade my package?
    If you wish to upgrade after September 1st 2009 you will be upgrading to the new pricing structure. Many customers are using this as an opportunity to upgrade before September 1st to lock in the old pricing.
  • What if I want to add backups?
    Again, you should upgrade to backups before September 1st, as the fees for upgrading afterwards will include upgrading to the newly priced package AND adding backups.

This is your last chance to get the packages at their current prices for either yourself, or friends and family…

Backups

Our new backup service went live on 1st August 2009, and has proved hugely popular with customers who don’t have time or the knowledge to perform their own backups on a regular basis.

This is a reminder that we do not backup any accounts that are not part of our backup service. If you wish to get backups of your account we recommend upgrading before the price change on the 1st September 2009.