To all those who follow me and my blog by RSS feed, by email subscription, or on Twitter … a humble apology. From me, to you.
This afternoon I found I’d been hacked.
Links were placed at the end of some pages (see below) to the kind of content I don’t want to be associated with (you know the sort). I couldn’t find out how this was done, so I did some digging.
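The injected links described above are typically appended to the end of the rendered page, often inside a hidden container so visitors never see them. As an added example (my own code, not from this blog or from WordPress), here is a small scanner that parses a page's HTML, records every anchor, and reports those that point off-site or sit inside a hidden block. The sample page, the allowlisted hostname `example-blog.test`, and the spam domains are all constructed for the demonstration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page: a normal post followed by a hidden block of injected
# links at the end of the body. Not taken from any real site.
SAMPLE_HTML = """
<html><body>
<div class="post">
  <p>Today I changed the theme. See <a href="https://example-blog.test/about">about</a>
  and the <a href="/archive">archive</a>.<br>
  Thanks for reading.</p>
</div>
<div style="display: none">
  <a href="http://spam-pills.example/buy">cheap pills</a>
  <a href="http://casino-spam.example/">online casino</a>
</div>
</body></html>
"""

# Assumed allowlist of the blog's own hostnames; everything else is "external".
SITE_HOSTS = {"example-blog.test"}

# Elements that never get a closing tag, so they must not be pushed on the stack.
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link", "area", "base",
             "col", "embed", "source", "track", "wbr", "param"}


class LinkCollector(HTMLParser):
    """Collect (href, inside_hidden_block) for every <a> in the document."""

    def __init__(self):
        super().__init__()
        self.links = []        # list of (href, hidden) tuples
        self._stack = []       # one bool per open element: was it hidden?
        self._hidden_depth = 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        style = (a.get("style") or "").replace(" ", "").lower()
        hidden = "display:none" in style or "visibility:hidden" in style
        if tag not in VOID_TAGS:
            self._stack.append(hidden)
            if hidden:
                self._hidden_depth += 1
        if tag == "a" and a.get("href"):
            self.links.append((a["href"], self._hidden_depth > 0))

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self._stack:
            if self._stack.pop():
                self._hidden_depth -= 1


def find_suspicious_links(html, site_hosts):
    """Return links that are external to site_hosts or live inside a hidden block."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, hidden in parser.links:
        host = urlparse(href).netloc.lower()
        # Relative links have no netloc and are treated as on-site.
        external = bool(host) and host not in site_hosts
        if external or hidden:
            findings.append({"href": href, "host": host,
                             "external": external, "hidden": hidden})
    return findings


if __name__ == "__main__":
    for f in find_suspicious_links(SAMPLE_HTML, SITE_HOSTS):
        flags = [k for k in ("external", "hidden") if f[k]]
        print(f"{f['href']}  [{', '.join(flags)}]")
```

Run this over the HTML you fetch from your own pages (as an anonymous visitor, since injected content is sometimes served only to non-logged-in users or to search engines) and compare the report against the links you actually published; a hit that is both external and hidden is the pattern described in this post. Note that the scanner sees only what the server sends, so it will not explain how the links got there, only that they are present.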
I changed the theme of the blog (do you like the new theme? No, me neither, not yet), and they disappeared for a while. Then they returned so I did a little more digging. It turns out that even with the most up to date WordPress, you are not immune.
One of the recognised ways for hackers to gain entry to the blog is through the ‘admin’ account, which I was stupidly still using (even with a strong password). Following the guidelines in the excellent post 10 Steps To Protect The Admin Area In WordPress, this evening I deleted the admin account and created another, with a stronger username and password.
The trick was to delete the admin account and re-assign posts and comments to this new user. Thing is, the process was interrupted, somehow! So I now had a half empty blog (which I luckily had backed up about 2 hours ago). So, I imported the backup, all the posts and comments were back, and all looked good.
Then I saw the emails coming through, 370 of them!!! Then I saw my Twitter account had just risen by 370 tweets … oh God!! Yes, not only emails to subscribers, but also one tweet per post was sent out!
I still have some more digging to do to make sure this doesn’t happen again (!!) but for tonight, I’m done. No more from me, I’m knackered.