Web hosting firm Network Solutions has been forced to ramp up security for its Wordpress hosting customers, following a mass hacking over the weekend.
The company today issued a set of instructions to help affected users repair their sites, following reports that Wordpress databases were being hijacked to bounce surfers to a malicious web site.
It seems insecure file permissions were to blame. Wordpress configuration files need to store the database password in plain text, but should only be readable by the owner and the web server.
In this case, affected webmasters' files were readable by others, allowing the attacker to access the Wordpress database and inject a script, effectively changing the site's URL.
Hundreds of sites are believed to have been infected.
Network Solutions has now reset its Wordpress customers' database passwords. Any users running custom scripts containing database passwords in the clear will have to update their code manually.