An image resizing utility called timthumb.php is widely used by many WordPress themes. Google shows over 39 million results for the script name. If your WordPress theme is bundled with an unmodified timthumb.php as many commercial and free themes are, then you should immediately either remove it or edit it and set the $allowedSites array to be empty. – says Mark Maunder.

If you are using WordPress with a free or premium template you probably use some plugins and code that isn’t WordPress core-functionality – that mean’s you have to be extra cautious when using and updating it.

This is definitely an issue, but it’s just the tip of the iceberg. TimThumb is just one of various scripts that are being added to themes/plugins without further vetting, or even incorrectly. [...] The problem here is really around plugins and themes, it’s not as simple as you may think to check every release being there are thousands of free and premium options on the market today.

Why is it so important to update as soon as new releases come aroud? Google starts to block hacked WordPress sites as attacks widen.

These sites are listed with the warning that “This site may harm your computer” in Google’s search results and Google blocks access to the site with a warning forcing you to manually type the URL into your location bar if you really do want to visit the site.

To prevent your site being listed as malware:

1/ check for updates often, backup your files and database, update your WordPress core files, themes, plugins

2/ disable whatever plugins discontinue working properly

3/ when your site gets infected – clean it as fast as possible – there’s plenty of tutorials how to clean your WordPress blog from malware – take your pick

Not sure how to handle backups, upgrades and all that technical stuff? Let us help you!

Sign up with WordPressKeeper.com and register a ticket for free. Then get a price quote and let’s get it done.

We’ll fix it!

What we do:

• WordPress installation,
• WordPress customization,
• WordPress maintanance,
• WordPress updates,
• plugin updates,
• theme updates,
• backup & restore procedures,
• WordPress bug and problem fixing,
• WordPress security & malware fixes.

Please sign up and subit your ticket!

Thank you.