Welp, that was anticlimactic! Thanks, God, for a smooth update to WordPress 4.7.3! (And thanks to the WordPress team for maintaining backwards compatibility). And hey, look – the Library has close to 1,000 posts!
Expect major site updates in the months to come, as WordPress’s Themes and Pages now enable me to do things I could only formerly do with static pages and hand-coded pages, and it will all be backed up easier thanks to WordPress’s Jetpack plugin.
The things you learn helping other people with their web sites ….
Welp, it’s time: I’ve backed up the Library of Dresan three ways to Sunday, said a prayer … and now am planning to upgrade WordPress from 3.0.1-alpha-15359 to 4.7.3. I know that’s 1.7.2 full version numbers, but it’s been too long, and there are too many new features I need, so … time to press the button.
God, please help me! Everyone else, your prayers, please.
Yeah, that goop someone injected into my Dakota Frost site doesn’t look suspicious at all.
(In case you’re not a programmer, healthy code doesn’t look like that. This code has been munged and rewritten so it’s almost impossible to see what it does. Not that I care – I just deleted it. But it makes it hard for someone who needs to debug it, in the cases where you need to debug it.)
Sheesh. Get off my lawn. Still cleaning things up. More in a bit.
So, the Dakota Frost site got hacked. May still be hacked, for all I know, because I just found and eliminated only one error, and I still haven’t found out how they got in. Of course, I changed all my passwords everywhere else first before logging into the site, confirming no-one had hacked the user accounts, and then downloading all the code for some forensics.
But what was peculiar was that, even though I could clearly see evidence of hackery thanks to the very nice, publicly available Webmaster tools at the Google, I could not see any difference between the live site and my previous backup except for the addition of the Akismet spam filter, which I’m pretty sure I did myself.
Then I found it, when I detected a strange file named kgcakmhg.php. Tracing it back, in the root of the HTML directory, someone had modified files back in February – first to point the .htaccess to a strange file named baccus-contextually.php, which called the weirdly named file and also relied on changes to the style directory. No changes to the blog code were necessary – everything was being rewritten before it got there.
Removing those files? Easy. Site’s back to normal … I guess. Closing the open barn door? Uh …harder. Since I don’t know which door they came through.
Off to do more debugging …
So, yeah. I’ve lost sites to hacks before – the wiki on dresan.net, which I barely used – but those were obvious. This one is a subtle hack, not immediately visible, detected by the supercomputers at the Google. Will take a bit of effort to work this one out.
You see disruption here, you know why.
Will be AFK for much of tomorrow, so I’m going to take a shot at having a post previously written come up automatically. Stay tuned …
Welp, while I’ve missed a few days, I have overall kept ahead of the blog wolf. By a hair. My lovely plans to build a buffer have resulted in one backlogged article, which I’ll post tomorrow to keep myself honest (and keep it from becoming stale) and basically no buffer. I’m only ahead because I sometimes post several articles per day, like today.
Sigh. No wonder I’m so stressed out – I make even being a dilettante a chore.
We are back in business. Apparently it was a temporary database glitch. Time to make sure my backups are up to date. Meanwhile, since I’m waiting to find out where my next meeting is, enjoy a picture of a coffeehouse that I am totally not at right now.
… the Library of Dresan is letting me add posts, but all other operations are squirrelly. Stand by.
So, as you may or may not know, I’m trying to blog every day this year, and just now, taking a brief respite after my red-eye flight, I decided to extend my tracking spreadsheet from just January to cover February. And when I did so … my tracking graphic suddenly turned into … I don’t know … an origami Pac-Man?
I’m not even sure how this particular chart type could make the above graphic, so I’m not sure how to fix it. This probably should get filed under “if you break the assumptions of a piece of software’s inputs, it will break your assumptions about its outputs.” Best thing to do is probably start over with a new graphic.