John's book which will show you how to secure your blog against intruders.
Read some of John's WordPress security tips.
What others are saying about WordPress Defender from around the Web.
About John Hoff and this site.
WordPress Defender

Blog Lockdown Guide
My Personal WordPress Security Guide
Plus 16 Videos



Get your free

Secure WordPress
Mini Course Here

Videos Included

Get immediate access to our email video mini-course, "Secure WordPress," and watch as we lock down your blog against intruders. Simply enter your name and email address below to get access.

Mini Course Books







Interesting Articles
WordPress Security - So You Think Your Blog Is Safe?
Protect WordPress Blog from Intruders
Blog Lockdown - It's a Well-Rounded System
5 Reasons Why WordPress Blog Security is So Important
Keeping a Secure WP Blog Using the BBQ Plugin

WordPress Security Alert for These Plugins

By John Hoff (6/23/11)
Author of the WordPress Defender eBook

This is a copy of the article I sent out to my WordPress Defender Newsletter list (for those who bought my ebook only)

There's been some developments going on in the WordPress.org security world which I wanted to inform you of.

If you use any of these plugins, pay close attention!

A) AddThis
B) W3 Total Cache
C) WPtouch
D) WP-phpmyadmin

Also, if you have a Username and Password at WordPress.org, read this article!

Let's start the plugins listed above... A, B, and C.

It seems WordPress.org's plugin repository got hacked the other day and someone or some people added some code to these three plugins which could allow a hacker access to your site.

If you have installed any of these three plugins within the last couple of days (or updated them), please "re-update" them now as WordPress.org has made sure the latest versions of these plugins are safe.

Also, if you have a WordPress.org username and password (if you're a forum user or something), you'll need to change your password (go do that now). Simply go try and log in and you'll be prompted to change your password.

Okay, now about the WP-phpmyadmin plugin...

Go delete this plugin now if you're using it.

Don't bother trying to update it, there's no update. One of the security websites I follow wrote an article on how they discovered this plugin has hacker code in it.

You can read that article here if you are using the plugin, if not, don't worry about it.

These rounds of attacks go to show you we are not safe, no matter what we do.

Yeah it sucks, doesn't it.

Heck, if WordPress.org can get hacked, anyone's vulnerable, right?

These jerks out there could give a flying you know what about us, our hard work, and our family (some of us make our income from our websites).

The best we can do is:

A) Protect ourselves the best we can
B) Be prepared for when and if the day happens so we can bounce back quickly and with little cost (you have full backups, right?)

WordPress Defender...

Perhaps this is a good time to sign up for the WordPress Defender Affiliate Program and post an article about WordPress security on your blog (or repost one) or send it out to your newsletter list.

The content from this article alone should be enough to open people's eyes. Also, I've uploaded a really cool video to YouTube which hopefully gets people thinking a little about security (feel free to subscribe to my channel and "Like" the video).

It's the same video on my sales page. Feel free to embed the video.

At the end of the video there's an arrow which points down and asks people to click the link to get the book.

So that would be the spot to put your affiliate link (just below the embedded video).

Since putting the video on my sales page I've noticed an increase in conversions, FYI.

As always, if you have any questions about security, ebook, or the affiliate program, please don't hesitate to ask.


WordPress Defender Book and DVD

Order Now

2011 John Hoff, All Rights Reserved


Home | About Us | Sitemap | Disclaimer | Privacy Policy | Secure WP Articles | Affiliate Program
Get the WordPress Defender eBook | Contact Us