Category Archives: Site Issue

Hacked

I come home tonight to find this has happened to my blog:

hacked20130430

Seriously?

Lucky it didn’t appear to be to serious. Or so I hope. Someone had managed to replace my theme widgets with something that overwrote my header and made it display that mess.

*sigh*

I changed the both the wordpress database, wordpress login, and FTP passwords to even more complex password than I used before. Here’s hoping that’s all it was. Which in itself is worrisome.

*double sigh*

And apparently the fucker(s) who did it has been busy. Just Google for “hacked by yilm4z.tr” and look at all the sites that come up.

According to the log files I keep, options were updated in my database at around 6:46pm. Luckily, I was able to unmodify what was changed.

So if any of you came to my blog around that time or later, you would have seen that mess.

This has not been my week.

Until next time...
Erik

Timing…

This showed up on wpbeginner today: WordPress Brute Force Attacks, and What You Need to Do About it. My webhost, MacHighway, also posted similar information this afternoon. For those of you who are self-hosted WordPress (or Joomla) bloggers, I suggest you read it and follow the suggested changes.

And do what I posted too, as an added measure. 😉

Until next time...
Erik

Damn Spam

I had a crapload of comment spam hit my blog today. And by crapload, I mean Oprah on a bender crapload.

So I started looking through the server log files and noticed a few patterns. Four different browser user agents were showing up on these spam entries.

So I nuked them in my .htaccess file with the following bit of code.


########## Block Old Browsers used in Facebook spam assault, 2013.04.10 ##########

RewriteEngine On
RewriteBase /
# Firefox 3.0.5, 3.0.10, shows up repeatedly
RewriteCond %{HTTP_USER_AGENT} ^.*(?:Firefox/3\.0\.10).*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(?:Firefox/3\.0\.5).*$ [NC,OR]
# Opera 8.01, shows up repeatedly
RewriteCond %{HTTP_USER_AGENT} ^.*(?:Opera/8).*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(?:Opera\s8).*$ [NC,OR]
# MSIE 6.0, shows up repeatedly
RewriteCond %{HTTP_USER_AGENT} ^.*(?:MSIE\s6).*$ [NC]
RewriteRule .* - [L,R=404]

I’m sure my regex is horrible. But it works. And I am returning a 404 instead of a 403, because with the 404 they will think the resource is no longer there.

Of course, this will just work until the script kiddies change the user agent. But they tend to be pretty lazy.

I’ll have to analyze the logs a bit more when I get the chance. It’s an interesting attack coming from random IP addresses. Which means more people aren’t using protection. On their computers.

I posted this just in case anyone else is having this problem.

Off to bed I go. Long day. Before I even noticed this mess.

Until next time...
Erik

Not Spam

My apologies to anyone attempting to comment the last few days and receiving a message that your comment was spam.

I installed a new plugin a few days ago to help block spam comments, and it was a little aggressive on what it thought was spam. Okay, a lot aggressive apparently.

I’ve pulled the plugin, so you should be able to comment again.

My apologies.

Bad Erik.

And a big thank you to Spo for sending me an email letting me know.

Until next time...
Erik

Small Blog Change

As some of you might have noticed if you subscribe to my RSS feed, I re-inserted the RSS feeds for my Adlibbed and Instapooped posts back into my normal RSS feed. Previously they were excluded from my normal RSS feed, so they only way you would see them was if you came to my actual blog directly, or subscribed to those feeds individually.

Not sure why, other than I did.

If it becomes a bit much, I hope y’all will tell me.

Until next time...
Erik

“Couldn’t sync posts” message ONLY via cell network

I posted this over on the WordPress for iOS forum, but I thought I should post it here as well in case any of my readers are experiencing a similar issue.

With both the 3.0 and 3.0.1 WordPress for iOS] app, whenever I attempt to connect to my self-hosted WP blog via my cell network, I receive the error: “Couldn’t sync posts: It seems your WordPress site is not accessible at this time, please try again later”. If I turn on wireless, it connects correctly.

This only happens with one of my sites. Three of them connect fine over either connection.

The site in question is running WP ver 3.3.2.

I see that other people are having a similar issue with the “Couldn’t sync posts” error, but I haven’t seen where anyone has noticed a difference between cell networks and wireless networks.

I’m curious if any of my readers use the WordPress for iOS app on their iPhone/iPad and are having a similar problem?

Until next time...
Erik