Skip navigation

hacked?

Crap. Somehow, someone's gotten access to edit my posts on this blog and have crapped in loads of viagra linkspam. I've probably destroyed the evidence already by deleting the spam as soon as I saw it — and as soon as some friendly readers emailed me pointing at more. I've done the obvious, changed my password and tried to lock down the admin pages a bit. But, I don't know who, how, or why. Ugh.

So, my apologies if anyone sees any offers for penis pills around these parts. A heads up would be kindly appreciated as I scour my records and grumble.

This entry was written by l.m.orchard and posted on November 13, 2007 at 9:52 pm and filed under asides. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

3 Comments

  1. Tanner
    Posted November 14, 2007 at 10:18 am | Permalink

    I have heard that wordpress needs to be updated to the security point releases consistently.
    This is something that I try to stay on top of. Don't remember this being that big a deal with movable type. Could be a design flaw for wordpress, or perhaps PHP.

    At one point I was using rsync to synchronize the new default files, and then hitting the dashboard to update the db design if it had changed. last update I did manually since I needed to move some photo links around in mysql. I still think rsync is a good tool for this task. Though lately they have been obseleting some files and they probably shouldn't be left around. what were the permissions on your files?

    -tanner

  2. Richard@Home
    Posted November 14, 2007 at 10:26 am | Permalink

    Are you hosting on dreamhost?

    http://blog.dreamhosters.com/2007/06/06/dreamhost-ftp-accounts-hacked/

  3. l.m.orchard
    Posted November 14, 2007 at 12:57 pm | Permalink

    Thankfully no, not on dreamhost. Unfortunately, that means I don't have that excuse. :)

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*