A couple months back, a faulty server configuration at Network Solutions shared hosting boxes led to many WordPress blogs getting hacked. The security flaw allowed other users on the same box to read other users’ configuration files. At first, people blamed WordPress for it but later on it was determined that it was the hosting provider’s fault because a properly configured web server shouldn’t allow users to have access to other users’ files (vice versa), regardless of the file permissions.
Because of what happened, iThemes via their PluginBuddy website, created and released a free WordPress plugin called ServerBuddy. The ServerBuddy WordPress plugin tests the web server’s configuration to analyze the quality of the hosting provider and its server configuration. The plugin looks for problems with compatibility with different WordPress themes and plugins and provides easy to understand explanations to different server settings. It also generates reports and samples of what to ask hosting providers if a problem is identified in the server configuration that needs fixing.
Screenshot:
Another important ServerBuddy feature is Security Testing. This plugin analyzes file permissions of important WordPress files to check if they are properly configured to make sure that the blog is secure and safe from intrusions. ServerBuddy is a must-have plugin for any WordPress blog and great tool for regular WordPress users, theme & plugin developers and especially hosting administrators.
Kudos to the folks from iThemes and PluginBuddy for releasing the ServerBuddy WordPress plugin to the community for FREE. ServerBuddy is easy to install, just download the file and unzip it. Then upload the folder to the wp-content/plugins/ folder on your web server and then activate it, then it will show up on its own section below Tools and Settings.
Download the ServerBuddy WordPress plugin
Anyone here hosted on Network Solutions that got hacked during this incident? What have you done to secure your WordPress blog? Anyone else using the ServerBuddy WordPress plugin to check their hosting provider’s server configuration? Please share your thoughts.
@Gem – Thanks! Glad you like it and find it useful. This happened a couple months back so Network Solutions already fixed the problem and I’m assuming that they already did measures to prevent it from happening again.
As always! Awesome find. I'll be using it.
Good thing one of my clients decided to move out his blog from Network Solutions to another web host – or he'll run into this problem.
@Jhay – I know but this plugin provides info about the problem that users can use so it would be easy for them to ask their hosting provider how to fix it.
It’s a great plugin. Though the information provided are a bit more technical for the unfamiliar with the inner workings of WP and web servers.
A guide explaining what the results mean would be a good compliment.