Shell Shock Vulnerability – The latest bug to affect WordPress sites

Bulletproof Backups for Your WordPress Website

Fortify your business continuity with foolproof WordPress backups. No data loss, no downtime — just secure, seamless operation.

Sucuri’s latest announcement about the shell shock vulnerability says that millions of WordPress sites are at risk. Unlike the other cases, there is no plugin being exploited here. The culprit this time is the bash shell that is a part of every server. Bash is a command processor where users can type in commands and execute them. For example, to list the contents of a directory, change password, view a file, and many more. If the Heartbleed issue was known to be the biggest trouble-maker in recent times, shell shock is many times worse. What makes it worse is that unlike the usual vulnerabilities that can be patched by users directly, shell shock doesn’t have easy solutions for the average user. It is mostly up to the system administrators and hosting providers to patch this.

The issue is related to how bash uses environment variables to do its work.  While browsing the Internet, these variables are passed from the server to your computer and executed by your bash shell. The vulnerability lets attackers pass malicious commands as variables which get executed by the shell. This way the attackers can run any command and gain access to your site. They can then proceed with using your site to send spam, host their own content, and generally wreak havoc.

If bash only accepted commands from humans, this wouldn’t have been a vulnerability. Unfortunately, bash also accepts inputs from other programs. For example, when you load a site that includes dynamic content, the server processing it may use bash commands to retrieve your request. HTTP_USER_AGENT, for example, is commonly used to tell the server which browser you are using. But malicious users can change the user agent variable to include their code. When these evil doers visit a site, the server will automatically execute this code, allowing the attacker to hack into the server.

The wide spread usage of bash makes almost every computer vulnerable. However, the servers are the most targeted for the wide spread damage that can be caused. Turns out, cPanel users are at high risk and this amounts to a huge number of WordPress sites. So if you’re using cPanel, you should patch your servers right away. For those who aren’t sure of what they’re using, go ahead and patch anyway.

Tags:

You may also like


Fix: WordPress 403 Forbidden
Fix: WordPress 403 Forbidden

Stuck with a “403 Forbidden” error while trying to access your WordPress site? It’s a little scary and quite cumbersome but you can troubleshoot WordPress errors like this.  It’s a…

Fix: WordPress 413 Request Entity Too Large
Fix: WordPress 413 Request Entity Too Large

Fixing errors in WordPress site is like hitting a digital roadblock. It can be frustrating and disruptive. But, you’re also left wondering why this is happening to you.  The “413…

How do you update and backup your website?

Creating Backup and Updating website can be time consuming and error-prone. BlogVault will save you hours everyday while providing you complete peace of mind.

Updating Everything Manually?

But it’s too time consuming, complicated and stops you from achieving your full potential. You don’t want to put your business at risk with inefficient management.

Backup Your WordPress Site

Install the plugin on your website, let it sync and you’re done. Get automated, scheduled backups for your critical site data, and make sure your website never experiences downtime again.