No subject


Sun Jul 26 15:10:43 CEST 2015


"The peerproduction.net website was hacked sometime in the summer. There's =
a persistent vulnerability in the theme in use, which apparently hasn't bee=
n updated in a while and is unsupported. I've ported all content to the P2P=
F webserver. Of course, I didn't copy over the theme nor any other infected=
 files. I also brought over the surveys website and updated its plugins, an=
d apparently this broke the layout slightly. I didn't enable the php-exec p=
lugin, which represents a serious security vulnerability.

In peerproduction.net I enabled the default WordPress theme for the time be=
ing. For best support, you can pick any GPL theme from https://wordpress.or=
g/themes/ . If you'd like you may pick a commercial theme from https://www.=
elegantthemes.com/gallery/ and use it through my own developer license.

In short, peerproduction.net needs to be adapted to use a newer theme, and =
the layout on surveys.peerproduction.net should be updated to use the newer=
 widget library. All in all, it would be good to check out the whole websit=
es to make sure that no spam or infected content made it trough.

James already updated the DNS records and they should propagate shortly, ma=
king the new websites generally available. I'm flipping the switch for the =
old ones so that people don't update them inadvertently in the meantime."
[end quote]



More information about the JoPP-Public mailing list