Let’s Encrypt, WordPress, CT logs

FanJ · Apr 12, 2022

Are Let’s Encrypt-logs used to infect WordPress or is there more going on?

Some links:

https://community.letsencrypt.org/t/hacked-new-wordpress-sites-because-le-is-created/175284

Fresh Installs of WordPress Apparently Being Hacked Based on Public Disclosure From Let’s Encrypt
https://www.whitefirdesign.com/blog...based-on-public-disclosure-from-lets-encrypt/

It’s long been a known issue that if you place a copy of WordPress on a publicly accessible website, but don’t configure it, hackers will eventually configure it, which gives them access to the website. This works because WordPress has no restrictions on configuring it once the files are loaded on the website and you can configure it with a database on another server, so you don’t need to have access to any existing logins for the website. This isn’t usually an issue since people upload WordPress and promptly configure it, but recent claims suggest that hackers have found a way to exploit this even in that type of situation.
Click to expand...

Log in or Sign up

Let’s Encrypt, WordPress, CT logs

FanJ Updates Team

Log in or Sign up

Let’s Encrypt, WordPress, CT logs

FanJ Updates Team

Useful Searches