Ask Charly Leetham

Online Business Implementation Expert - Helping Businesses Harness The Internet As A Channel To Market

Online Business Implementation | Website Design and Development | Web Hosting | Domain Names

W3 Total Cache Leaves Sites Open to Compromise (WordPress)

by 1 Comment

6488066_sW3 Total Cache (W3TC) leaves WordPress websites vulnerable to compromise.  The vulnerability was discoved by researcher, Jason A. Donenfeld and reported on one of the seclists.org forums recently.

W3 Total Cache is a plugin that enables site owners to speed up their WordPress websites by using a series of Caches.

According to the forum post,  the vulnerability means:

anyone could easily recursively download all the database cache keys, and extract ones containing sensitive information, such as password hashes

Essentially, by retrieving the password hashes it would be possible to decode any users password.

However, as the plugin author (Frederick Townes) states in the WordPress Support Forum:

The root of the possible vulnerability lies in the intersection of two configuration settings, one at the Web Server level and the other at the W3 Total Cache database caching level. You may be vulnerable if the following are true: your server is configured to allow directory listing with enabled public access on W3TC’s database caching directories and also use database caching via the disk caching method.

All credit to Frederick, he acted on the information and released version 0.9.2.5 of W3TC quickly to patch the issues.

Fix The Issues with W3 Total Cache Today

Website owners who use W3 Total Cache should immediately do the following (or get their webmasters to do it):

  • Upgrade the version of W3TC on their sites.  This can generally be done by logging into wp-admin, navigating to the plugin menu and upgrading W3TC through the upgrade now button.  Frederick also suggests that simply deactivating W3 Total Cache, uninstalling it, and re-installing it via wordpress.org  will apply the hotfix upon re-activation.
  • Turn off disable directory indexing and deny web access to the “wp-content/w3tc/dbcache/” directory (you can do this through Cpanel and / or .htaccess)
  • Empty the database cache for good measure – Go to wp-admin -> Performance and click on Clear All Caches

Of course, there are other Cacheing solutions out there and we’ve had WP SuperCache recommended on several occassions.

Don’t delay though – if you are using W3 Total Cache, update and follow the recommendations above to protect your site.

Want To Use This Article?

You can as long as you include the following (links must be active):

Charly Leetham, from Ask Charly Leetham, is an Online Business Implementation Expert who helps Small Businesses and Solopreneurs harness the power of the Internet as a Sales Channel or Channel To Market. Get your dose of business inspiration and motivation to help you along. Compiled from the generous contributions of over 79 authors. Grab a free copy today. Motivating Your Mind, Inspiring Your Spirit by visiting www.AskCharlyLeetham.com today

Comments

Leave a Reply