We’ve Been Hacked

The site has been compromised. In response, I’ll have to make the update I’ve been putting off. We’ll have better security but will probably lose the comments (hence the reluctance to update). See you soon.

7 thoughts on “We’ve Been Hacked”

  1. Text and comments can be saved first by right clicking, then saving as a Web page. Then the text can be copied and pasted elsewhere.

    That is slow and tedious, but the content could be saved.

    Silly hackers, this site runs Sitemeter, so you know their IP and country of origin (my guess, not the USA).

  2. So sorry you’ve been hacked. The “reward” for building traffic. If you have access to a “control panel” and have a protocol such as myPhpAdmin then you can browse and export your comments and posts rather easily. The malicious code could also be in your sql database and is likely what is called a cross server script. Those can be hidden in a comment as an image or link.

    It is far more likely for such exploits to be resident in 3rd party plugins to WordPress. I am banning such plugins from websites on my servers. Open source is great and I am a big believer in it but, like the proprietary sources, they are targets. The Internet is held back by this trash.

    Your readers and visitors have nothing to fear. Norton and Macafee scans of your site show no problems. The script is likely attempting to use your site to send spam and as Kay pointed out is from a foreign source, likely Romania.

    I would suggest turning off “anyone can register” and deactivating any 3rd party plugins.

    Be grateful yours is not a portal site.

  3. Part II

    Before someone gets the idea to rip out everything in the John Street area, take a look at the Crawford House Inn in Dixon:

    http://www.crawfordhouseinn.com/

    Do not miss more pictures under the link for room rates. Stunning.

    There are some charming buildings tucked away in the John Street area. That is one TIF district that should not be completely bulldozed over. We know where it flooded in the past and where it will probably flood again. There are most certainly buildings that should be saved for the next fifty years or more.

  4. Thanks for the advice, everyone! As I understand it, it’s really problem for my host, and the threat to citybarbs is that my host will pull down the site if I can’t eliminate the offending code. Plus they are strongly suggesting the updated (= safer) version of WordPress.

Leave a Reply