Gossamer Forum
Home : Gossamer Threads Inc. : Announcements :

Check your admin passwords

Quote Reply
Check your admin passwords
Hi,

We've had a few reports of customers Gossamer Links installation being targeted by malicious search engine optimizers. They scan the web for people who have left their installation either without a password, or with a weak password like admin/admin, and then modify the home page adding links to their own sites.

Please ensure that your login to Gossamer Links is using a strong password, and that no other accounts that you don't recognize are listed (they often add a new account called test as the login). Also double check your home page templates for links you don't recognize. The links are often disguised using styles so they aren't visible as links from the browser. They'll look something like:

<A onmousemove="status=' '" style="FONT-WEIGHT: normal; CURSOR: text; COLOR: #000000; TEXT-DECORATION: none"

in the source.

If you have any questions about this, please don't hesitate to contact me.

Cheers,

Alex
--
Gossamer Threads Inc.