I guess this is the warning. This site has been hacked, once again. I believe that I have fixed the problem but, in the course of researching the problem and updating WordPress, the software on which the site is based, the update process f—ed things up and damaged the database that contains the content for the site. (You’ll notice that a number of things are currently missing, such as links to the photo gallery and the blogroll on the right bar.) Hence two things have been made crystal clear: 1) WordPress can’t be trusted. It’s not that it isn’t as secure as its authors can make it. The problem is that it’s popular and hence a prime target for the script-writing spam-hackers of the world. 2) I either need to find something else or give up altogether. I’m tired of these fire drills. Each time someone exploits the site it takes me about a day to get things straightened out, and this time I’m not sure what it will take.
So, in short, this site may vanish without notice if I can’t figure out an alternative to WordPress (which was supposed to be an alternative to PostNuke, which I used to use and abandoned for the same reason).
Hey Adam, are you sure the first hack didn’t leave a backdoor on your server?
Perhaps you could check your logs to see what happened exactly, it could be the same guy accessing your site. I believe WordPress itself indeed a big target, but don’t forget sloppy coding in plugins (not yours of course ^_^)
Hi Ronnie,
Good question, but I’m pretty sure that the second attack didn’t have anything to do with the first. The techniques were quite different; the recent one was much more subtle than the previous.
–Adam