I’m back online again, after lots of cleanup and reset work. Just what I didn’t need to soak up waste my “free time”. Grrr….
Given my day job, I’ve found myself to be very sympathetic to updates-to-fix-security problems, reacting more like “oh, goodie a fix” instead of “grrr… oh, not another update”. So, I found it interesting to note that I know I was already running the latest and greatest WordPress at the time of the breakin. As of now, I’ve reset the entire site, cleaned out the filesystem to remove malware, reset all passwords and done fresh installs of latest-versions of only-the-essentials. Other installed but not running software has been removed. And while I was at it, I added some extra monitoring to see if this happens again. Probably should have done all that the first time, but thats hindsight for you.
In case this happens to someone else reading this post, I recommend reading the following, which I found helpful: (tip-o-hat to lsblakk for the pointer):
- http://codex.wordpress.org/FAQ_My_site_was_hacked
- http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
- http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/ and then the related:
http://ocaoimh.ie/exploit-scanner/
Be safe out there, on the World Wild Web!
You must be logged in to post a comment.