We’ve Been Hacked
Posted by yinnDec 13
The site has been compromised. In response, I’ll have to make the update I’ve been putting off. We’ll have better security but will probably lose the comments (hence the reluctance to update). See you soon.
-
Calendar
September 2010 S M T W T F S « Aug 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 -
Archives
- 2010
- 2009
- 2008
- 2007
- 2006
- 2005
-
Tags
3rd Ward 4th Ward 7th Ward Adlai Stevenson AFSCME Bill Foster Bob Pritchard Boone County Brad Burzynski budget city clerk city council compensation Cook County cvb debt dekalb county DeKalb Public Library education engineering epi expenditures of distinction financial advisory committee fire department Freedom of Information Act human services IL-14 illinois kane county liquor commission mchenry county meta Open Meetings Act open thread park district Photoblog police department police station public works Re:New DeKalb state employees TIF transparency waste management water division Good Government
Local Government
Local Voices
-
Meta
Categories
7 comments
Comment by Kay Shelton on December 13, 2008 at 5:57 pm
Text and comments can be saved first by right clicking, then saving as a Web page. Then the text can be copied and pasted elsewhere.
That is slow and tedious, but the content could be saved.
Silly hackers, this site runs Sitemeter, so you know their IP and country of origin (my guess, not the USA).
Comment by Mark Kahle on December 14, 2008 at 1:58 am
Just pull the sql database, and retrieve it later to replace the comments..and articles.. not that difficult to do…
Comment by Mac McIntyre on December 14, 2008 at 10:22 am
So sorry you’ve been hacked. The “reward” for building traffic. If you have access to a “control panel” and have a protocol such as myPhpAdmin then you can browse and export your comments and posts rather easily. The malicious code could also be in your sql database and is likely what is called a cross server script. Those can be hidden in a comment as an image or link.
It is far more likely for such exploits to be resident in 3rd party plugins to WordPress. I am banning such plugins from websites on my servers. Open source is great and I am a big believer in it but, like the proprietary sources, they are targets. The Internet is held back by this trash.
Your readers and visitors have nothing to fear. Norton and Macafee scans of your site show no problems. The script is likely attempting to use your site to send spam and as Kay pointed out is from a foreign source, likely Romania.
I would suggest turning off “anyone can register” and deactivating any 3rd party plugins.
Be grateful yours is not a portal site.
Comment by Kay Shelton on December 14, 2008 at 10:22 pm
Part I
This is off subject, but before the city decides to rip out another building, take a look at what can happen when people ‘recycle’ buildings:
http://travel.msn.com//Guides/MSNTravelSlideShow.aspx?cp-documentid=759
We do not have nice enough hotel space in DeKalb. Any large building that could be turned into a hotel or a bed and breakfast would easily fill.
Comment by Kay Shelton on December 14, 2008 at 10:27 pm
Part II
Before someone gets the idea to rip out everything in the John Street area, take a look at the Crawford House Inn in Dixon:
http://www.crawfordhouseinn.com/
Do not miss more pictures under the link for room rates. Stunning.
There are some charming buildings tucked away in the John Street area. That is one TIF district that should not be completely bulldozed over. We know where it flooded in the past and where it will probably flood again. There are most certainly buildings that should be saved for the next fifty years or more.
Comment by Kay Shelton on December 14, 2008 at 10:33 pm
The link cut off. Copy and paste both pieces of the URL together and it should work:
http://travel.msn.com//Guides/MSNTravelSlideShow.aspx?
cp-documentid=759699>1=41000
Comment by yinn on December 15, 2008 at 7:40 am
Thanks for the advice, everyone! As I understand it, it’s really problem for my host, and the threat to citybarbs is that my host will pull down the site if I can’t eliminate the offending code. Plus they are strongly suggesting the updated (= safer) version of WordPress.
You must be logged in to post a comment.