Many sites across the blogosphere are reporting a fake website that is distributing a backdoored version of WordPress. Though these are few and far between, it behooves all users to be careful when downloading any kind of code to run on their blog. The Register report contains an update from Peter Westwood (a WordPress lead dev) about the code being distributed and his suggestions on how to avoid being duped. The fake site is down now, but if you believe that you might have been a victim of it, please download a fresh copy of WordPress from WordPress.org and upgrade your blog to be safe.

I personally follow a few simple rules to make sure that I never fall for a social engineering or covert code trap on my blogs.

  • Always download core WordPress code from http://WordPress.org. Type the link into your browser address bar rather than following a link from another blog or site. This includes updates and security fixes. If your web host offers one click installs or upgrades through their control panel, they are probably safe, as long as the version they install is current. I still suggest either installing a fresh copy from WordPress.org or using WordPress.com, but I do understand that one click installs are convenient.
  • Try to download plugins and themes only from the official WordPress Extend. There are way too many themes (and, though far fewer, plugins) that contain covert code, and new WordPress theme download sites seem to be popping up every day. We have covered shady themes many times on this blog.
  • Never download “hacks” or “patches” to WordPress from anywhere. If you are unfamiliar with PHP, I would suggest that you ask people in the WordPress forums for help or contact us through our form on this blog for help. Always download official patches, updates and installs from the WordPress.org site.
  • If you find a cool new trick, theme, plugin or hack for WordPress via a Google search, please be careful. I know the following is a cliché, but if it looks too good to be true, it probably is.
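Downloading a fresh copy is the right fix, but it helps to know first whether your existing install has been tampered with. The following is an added example, not code from the original post or from the WordPress project: it compares the files of an install against a checksum manifest in the shape WordPress.org's core checksums API returns (a JSON object mapping relative file paths to MD5 hex digests, which is also what WP-CLI's `wp core verify-checksums` consults) and flags files that are modified, missing, or present under core directories without being in the manifest. The tiny "install" and its manifest are constructed inside the script so it runs offline; against a real site you would point `verify_core` at the web root and feed it a manifest fetched from WordPress.org, never one bundled with the package you are suspicious of.

```python
"""Compare a WordPress install's core files against a checksum manifest.

Added example, not part of the original post. The manifest format
({"relative/path": "md5hex"}) mirrors what WordPress.org's core checksums API
returns; the sample install below is constructed here so the script runs offline.
"""
from __future__ import annotations

import hashlib
import json
import tempfile
from pathlib import Path


def md5_of(path: Path) -> str:
    """Hex MD5 of a file, read in chunks. MD5 is used only because that is what
    the upstream manifest carries; the trust comes from fetching the manifest
    from the official site, not from the hash function."""
    h = hashlib.md5()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_core(root: Path, checksums: dict[str, str]) -> dict[str, list[str]]:
    """Return {'modified': [...], 'missing': [...], 'unexpected_php': [...]}.

    'unexpected_php' lists .php files outside wp-content that the manifest does
    not know about. Themes, plugins and uploads live under wp-content and are
    not covered by the core manifest, so they must be reviewed separately."""
    report: dict[str, list[str]] = {"modified": [], "missing": [], "unexpected_php": []}
    for rel, expected in sorted(checksums.items()):
        p = root / rel
        if not p.is_file():
            report["missing"].append(rel)
        elif md5_of(p) != expected:
            report["modified"].append(rel)
    for p in root.rglob("*.php"):
        rel = p.relative_to(root).as_posix()
        if rel.startswith("wp-content/"):
            continue  # outside the scope of the core manifest
        if rel not in checksums:
            report["unexpected_php"].append(rel)
    report["unexpected_php"].sort()
    return report


def build_demo() -> tuple[Path, dict[str, str]]:
    """Construct a miniature stand-in install and its manifest (sample data,
    not real WordPress files), then simulate tampering after the manifest was taken."""
    root = Path(tempfile.mkdtemp(prefix="wp-demo-"))
    files = {
        "index.php": "<?php require __DIR__ . '/wp-blog-header.php';\n",
        "wp-blog-header.php": "<?php // constructed stand-in for the real file\n",
        "wp-includes/version.php": "<?php $wp_version = '0.0.0-demo';\n",
    }
    checksums: dict[str, str] = {}
    for rel, body in files.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)
        checksums[rel] = md5_of(p)
    # Tampering: one core file altered, one core file removed, one file dropped
    # into a core directory, and one theme file (ignored by this check).
    (root / "wp-blog-header.php").write_text(files["wp-blog-header.php"] + "// appended line\n")
    (root / "wp-includes" / "version.php").unlink()
    (root / "wp-includes" / "extra.php").write_text("<?php // constructed file not in manifest\n")
    (root / "wp-content" / "themes").mkdir(parents=True)
    (root / "wp-content" / "themes" / "functions.php").write_text("<?php // under wp-content\n")
    return root, checksums


def demo_report() -> dict[str, list[str]]:
    """Run the check over the constructed install."""
    root, checksums = build_demo()
    return verify_core(root, checksums)


if __name__ == "__main__":
    print(json.dumps(demo_report(), indent=2))
```

A clean report (all three lists empty) does not prove a site is safe, only that the core files match the manifest; anything under wp-content, the database, and the web server configuration are outside what this check sees, which is why the post's advice to reinstall from WordPress.org still stands.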

Do you have any suggestions for our other readers? Have you found strange code on your blog or theme?