You could do a scan with this: http://wordpress.org/plugins/exploit-scanner/ download from: http://downloads.wordpress.org/plugin/exploit-scanner.1.3.3.zip
check also on the server: open mysql MySQL (unauthorized)
Server should be hardened not to be so loud with header info (attackers get far too much info that way):
-
Server: Apache/2.2.22 (@RELEASE@)
-
X-Powered-By: PHP/5.3.3
It looks like 2 cookies are being set without the “HttpOnly” flag being set (name : value):
-
woocommerce_items_in_cart : 0
-
woocommerce_cart_hash : 0
How to do this, you could read here: http://www.shanison.com/2012/07/05/unset-apache-response-header-protect-your-server-information/
link article from Shanison software engineer…
polonus