Wednesday, February 22, 2012

Fixing a hacked Wordpress blog and Potlatch

My other blog, the one where I post photos, was hacked a few days ago. Based on when the files were touched, I believe it happened Feb. 16th, and I noticed Feb 20th, because the admin dashboard was displaying funkily -- by that I mean, without stylesheets applied. I viewed the source and found a garbled mess of alien PHP code inserted at the top of the page.

After some searching I realized all of the PHP pages on my web host had been compromised and I wasn't alone. So I started the slow process of fixing the site.

I changed all of my passwords, reinstalled Wordpress, manually removed the code from all the PHP files the installer hadn't touched, including my current theme. I deleted extra files, including unused themes and plugins. I checked file and directory permissions to make sure they weren't writeable by everyone. I checked the htaccess file for foreign code. I fixed my broken RSS feed (I needed to delete extra spaces after the closing PHP tag in the config file). I added some "things" to my config file to get it up to date... things I don't want to reveal too specifically.

Mid-way through making the changes listed in the above paragraph, I was hacked again, so I knew I hadn't fixed the original problem. At that point I became more aggressive in my deleting of files; I started deleting everything I wasn't using, especially themes and non-Wordpress files just hanging out in the web root. That seemed to have helped.

Now I don't want to say I've licked it for sure, but I haven't been hacked since then. I'm watching the site and I let my webhost know to keep an eye out.

I spent about six hours on this, with most of the work done between 10pm and 2am, Monday night. Kind of screwed up my sleep, but I'm feeling back to normal this morning. And since I spent all that time making sure the site worked, I'm thinking I should start posting there again soon. Apparently I'm not ready to abandon it.

If you're curious, you can see my cleaned up version of my photo blog at www.onfocusphoto.com/blog.

#

This weekend I'm going to my first Potlatch, which is a convention aimed at writers and readers of speculative fiction. I'm pretty excited. I'll also be participating in the writers' workshop, which provides peer feedback in the round-robin, Clarion-style. I'm over half-way through the manuscripts I need to review, and I have about fifty pages left to read in "A Canticle for Leibowitz" -- this year's book of honor. This is all very good.

Now if I could just finish another story that'd be the cherry on top.

Posted by at 8:15 AM
Tags: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)