Protect your wordpress website from being hacked by TimThumb

Been dealing with a ton of problems lately with malicious content getting onto my wordpress sites and making everything run slowly. All of this could have been prevented to. I heard of the security issue with the old TimThumb script but didn’t do anything about it. Nothing was wrong with my websites so why would I need to change anything…. some really stupid thinking on my part. Your best offense against hacked sites is your best defense.

TimThumb is a PHP script that resizes images. It was used by a lot of different themes and plugins and if  it is an old version it can be hacked. You can fix this by simply updating the script.

Here are some preventative steps to take

  • Always update wordpress, wordpress fixes vulnerabilities and the older your version is the more susceptible you are to getting hacked.
  • Check if you have TimThumb on your computer. Download the TimThumb vulnerability scanner in your wordpress plugins and upgrade.

If you think your website has malicious files on it ask your hosting company to do a scan of all your files to find them.

When I contacted dreamhost I got tons of malicious files that I had to go in and manually delete, or replace with clean files. I would suggest finding all files that are considered malicious and renaming the extension to .infected. This way if it is a file wordpress needs you still have that file you just need to change it back.

Further steps you an take are running Sucuri Scanner. This scans for malicious files and also hardens your wordpress install to prevent future attacks.

I also started using Cloud Flare on my sites and they have a security feature which blocks hackers and malicious bots from even entering your site with a captcha page.

If you need an e-commerce site Shopify is perfect for beginners and experts alike. You don't need to have any technical or design experience to easily create a beautiful online store. Simply choose a stylish ecommerce website design, easily customize your online store, add products, and you're pretty much ready to accept payments. Plans start at $14 and comes with a free no risk 30 day trial period. Click here to create your store now. Also check out our in depth review of Shopify here and see why Shopify is our number 1 recommended shop for clothing companies.


Connect with us

Email Newsletter

Like this post? Sign up to receive email updates and get the latest posts from How to start a clothing company.