Commit
Showing 6 changed files with 85 additions and 21 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,10 @@ | ||
--- | ||
--- | ||
wordpress_id: 253 | ||
layout: post | ||
title: Princess Bride | ||
excerpt: Finally... I saw <i>The Princess Bride</i>. That is a very good movie. It would have been nice to see it on Prom Night, but today was as good a day as any. I bet there are several web sites dedicated to this movie. | ||
|
||
tags: [Uncategorized, highschool, movies] | ||
tags: [highschool, movies] | ||
--- | ||
|
||
Finally... I saw *The Princess Bride*. That is a very good movie. It would have been nice to see it on Prom Night, but today was as good a day as any. I bet there are several web sites dedicated to this movie. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,21 +1,23 @@ | ||
--- | ||
--- | ||
wordpress_id: 264 | ||
layout: post | ||
title: No power until Thursday? | ||
excerpt: |- | ||
Obviously my math does not model reality... well I didn't expect it too do so.<blockquote><i> | ||
Northern States Power Co. says it expects to have power back on by late Thursday for most of the the 89,000 customers still without it as of Monday afternoon. NSP says a few areas might not have power restored until Friday.<i><p>from <a href="http://www.pioneerplanet.com/">Pioneer Planet</a></blockquote> | ||
Hopefully I can return to my home for more than ten hours. You know, it's really cold in the morning... you'd not expect that in this season. It's annoying, because I usually have one or two computers running in my office room that keep me warm.<p>Well anyway, I have the final diagram of how my program works written out. It should be done tonight... I work more efficiently at the Borcherts because there are less things to distract me (or something). | ||
|
||
tags: [Uncategorized, general, learning] | ||
tags: [webdev] | ||
--- | ||
|
||
Obviously my math does not model reality... well I didn't expect it too do so. | ||
|
||
>*Northern States Power Co. says it expects to have power back on by late Thursday for most of the the 89,000 customers still without it as of Monday afternoon. NSP says a few areas might not have power restored until Friday.* | ||
> | ||
>from <a href="http://www.pioneerplanet.com/">Pioneer Planet</a> | ||
Hopefully I can return to my home for more than ten hours. You know, it's really cold in the morning... you'd not expect that in this season. It's annoying, because I usually have one or two computers running in my office room that keep me warm. | ||
|
||
Well anyway, I have the final diagram of how my program works written out. It should be done tonight... I work more efficiently at the Borcherts because there are less things to distract me (or something). | ||
Obviously my math does not model reality... well I didn't expect it too do so. | ||
|
||
> *Northern States Power Co. says it expects to have power back on by late | ||
> Thursday for most of the the 89,000 customers still without it as of Monday | ||
> afternoon. NSP says a few areas might not have power restored until Friday.* | ||
> | ||
> from <a href="http://www.pioneerplanet.com/">Pioneer Planet</a> | ||
Hopefully I can return to my home for more than ten hours. You know, it's | ||
really cold in the morning... you'd not expect that in this season. It's | ||
annoying, because I usually have one or two computers running in my office room | ||
that keep me warm. | ||
|
||
Well anyway, I have the final diagram of how my program works written out. It | ||
should be done tonight... I work more efficiently at the Borcherts because | ||
there are less things to distract me (or something). |
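Review bot: In the reflowed body the line `Hopefully I can return to my home for more than ten hours.` follows the last blockquote line `> from <a href="http://www.pioneerplanet.com/">Pioneer Planet</a>` with no blank line between them, so most Markdown processors will treat it as a lazy continuation and render that paragraph inside the quote; add an empty line after the attribution. The excerpt is also left with `<i> ... <i><p>from`, where the second tag should be `</i>`, and the new `tags: [webdev]` does not match a post about a power outage.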
60 changes: 60 additions & 0 deletions
_posts/2010-05-19-so-youre-wordpress-has-been-hacked.markdown
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
--- | ||
layout: post | ||
title: "So your Wordpress has been hacked" | ||
tags: [wordpress, webdev, hacks, mozilla] | ||
--- | ||
|
||
Last week, someone informed me that my blog had been hacked: | ||
|
||
<p> | ||
<a href="http://www.flickr.com/photos/davedash/4621504223/" | ||
title="My blog got hacked by davedash, on Flickr"> | ||
<img src="http://farm5.static.flickr.com/4063/4621504223_210d430c1f_m.jpg" | ||
width="240" height="111" alt="My blog got hacked" /></a> | ||
</p> | ||
|
||
I'm not quite sure what the vector was, Wordpress wasn't very secure and I | ||
didn't take too many measures to harden it. A coworker of mine (on our security | ||
team) decided it might be fun to have a look at the infected Wordpress | ||
Installation) | ||
|
||
### Here's how the hack works | ||
|
||
* Your blog appears normal to you and your visitors. | ||
* Some rogue PHP code detects if Google is crawling your site and modifies | ||
the text and links so it looks like your website is a viagra phramacy. | ||
* The links go to other infected blogs and thus builds up page rank for this | ||
ring of blogs. So the upside is that you're blog may be a top result... for | ||
*VIAGRA*. | ||
|
||
### Prevention | ||
|
||
Here's some tips for prevention, but you can find a lot more by googling for | ||
Wordpress hacks. My solutions are more technical: | ||
|
||
* Don't use Wordpress - I recently switched to Jekyll since it was conceptually | ||
easier to understand, and it's hacker-friendly. | ||
* Remove all users other than your own. | ||
* Change your password. | ||
* Check your code into git so you can see what files have changed. | ||
* Prevent Wordpress from writing to your webroot. | ||
|
||
### Restoration | ||
|
||
Here's what you'll need to do to de-spam yourself. | ||
|
||
1. Verify that you are still spammed by using | ||
Google Webmaster Tools|Labs|Fetch as Googlebot. | ||
2. Backup your blog and database. | ||
3. Move your wordpress installation to a new directory. | ||
4. Install Wordpress from scratch. | ||
5. Remove all users except for yourself. | ||
6. Change your password. | ||
7. Copy your theme to your new installation. | ||
8. Install *only* the plugins you need. | ||
|
||
By step 4 you should be able to verify using *Fetch as Googlebot* | ||
that your website is no longer an Online Pharmacy. | ||
|
||
Good luck. | ||
|
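Review bot: Step 7 of Restoration (`Copy your theme to your new installation.`) carries files from the compromised install into the clean one, while the post says the vector is unknown and that rogue PHP is what rewrites the pages for Google; suggest telling readers to diff the theme against a known-good copy before copying it (the git check-in from the Prevention list would serve), and to repeat the *Fetch as Googlebot* check after steps 7 and 8 rather than only by step 4. Smaller points: the file slug is `so-youre-wordpress-has-been-hacked` while the title reads "So your Wordpress", there is an unmatched `)` after `Installation`, and `phramacy` and `you're blog` are typos.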