There I was, minding my own business, reading Twitter and FaceBook getting ready for bed, when Scott Rogers (@bigscotty ) and @magdaZINE send me the following tweets:
@magdaZINE: @morganpdx your site keeps redirecting me to ChinaTV is that supposed to happen? Hacked?
@bigscotty: @morganpdx Same thing here. ChinaTV.
@morganpdx It happens after about 10 minutes or after I scroll over something. Still investigating.
@morganpdx Definetely a redirect after a few seconds.
(incidentally, Scott is a very funny guy, I hear. Something about some theater , and maybe ignite 8 ? And a 30 hour day ? Huh. Anyway…)
Now, people get hacked every day (or so I’ve been told by the paranoid cyber security dept at my work). However, I’ve always been of the opinion that you should cater your security to the likelihood of attack and the sensitivity of your content. Now I know I SAID I was famous , but I’m really not. Really. And I don’t post anything-ANYTHING- of value, except for my own and (I dearly hope!) your entertainment. So the way I see it, my security risk is lower than a con man in an orphanage.
But it happened. I got hit. Haxx0red!! This was NOT r0xxin mah b0xx0rs. All my posts are belong to China TV.
So, grumbling and cursing and sending out palpable waves of pissed off energy throughout my entire neighborhood, I deleted my entire blog with the exception of the database, the wp-content/plugins directory and the wp-config.php file, downloaded a brand spankin’ new fresh copy of the latest WordPress install (version 2.9.1), and copied the new files over. Problem solved, except I forgot to keep my themes folder. Oops. Well heck, I was gonna change my theme anyway, right?
*Edit: Problem not yet solved. I’m running into lots of missing stuff, and navigation is totally fubar still. I’m still researching issues. But at least the home page still works 😛
I will admit, somewat sheepishly, that I did NOT have the latest release of WordPress installed, as Matt Mullenweg encouraged us to do when he spoke at WordCamp Portland last year. Considering I’m gonna be running the dang thing this year, I’m happy to say that I’ve remedied that oversight! I can’t say that having the latest version would have kept this from happening, but it certainly didn’t help, I’m sure.
SO THANK YOU MISTER HACKER. THANK YOU FOR MAKING MY BLOG WORTHY OF RUNNING WORDCAMP PORTLAND, AND CAUSING ME TO UPGRADE MY THEME.
Now, does anyone think it’s at all odd that my WordPress blog was hacked two days after it was announced I was going to be running WordCamp Portland?
Yeah, me neither. Mostly.