Exploited by hackers

12apostrophes looked a little funky yesterday.

As the blog is wont to do whenever I change anything, all the posts (temporarily) disappeared, and we had to run the site in the WordPress “Classic” theme.

I was updating to the latest version of WordPress to address a security flaw. An article I read pointed out that spammers had been hacking WordPress blogs and using them for nefarious spamming activities.

Ha, I thought. Well, I don’t think that’s happening, but I should upgrade anyway.

When I opened up my header.php file, I found hundreds of lines of text full of links to discounted pain, sleep, and erection medicine. They didn’t display, but they were in there.

Why? I didn’t know. It could be as simple as boosting their Google ranking by creating a large number of links to their sites. I went ahead and stocked up, then deleted the links.

Whatever the reason, 12apostrophes had been exploited by hackers, just like a blog ten times as well-known or frequently updated! I feel all warm and fuzzy. We’ve really made it.

[dork gibberish warning: just in case the following bit of insider baseball could help anyone out there like me, who uses a modified Kubrick theme and tried to upgrade their WordPress, and had the oh-my-God-all-the-posts-are-GONE problem, listen up: you didn’t update the wp-content folder, right? Because you didn’t want to overwrite your modified theme? Go ahead and update wp-content/themes/default/functions.php. It’s OK. In fact, it will make all your posts magically reappear. The problem does not lie with a conflict in your loop(s), no matter how many hours you spend squinting at them. Ha ha.]

Post a Comment

Your email address will not be published. Required fields are marked *