So, you may (or may not?!?) have noticed a bit of downtime recently. No, I’m not referring to the lack of posts, that’s something totally different (I’m reliably informed the cure comes in the form of a boot up the bum). Cutting a few corners I changed a few settings to allow me to do things that the blog isn’t designed to do, in the process it opened up a bit of a security loophole that got exploited. The end result being that the server got infected and I had to take the site down temporarily.
So what happened? Well I changed a few permissions and made them a little too open. This let a malicious script upload a file to the server, very big no-no! This script got run, spread itself across the server to nearly every file in sight and then started it’s true purpose, to use my server as a spam bot. Yes, my server is partly responsible for all the crap that clogs up your inbox. I estimate something in the region of 100’000 spam emails were sent out for while I profusely apologise. It has to be said that 90% of those never left the server as my hosting company picked up on the activity and shut down the mail queue but still, my bad!
A full check of the server revealed that the infection didn’t extend beyond the website files so taking down the website stopped the problem in it’s tracks. Then came the arduous task of fixing everything offline. I won’t bore you with all the techie details (unless you really want to know how to sanitise a wordpress install after being hacked?) but suffice to say I spent several hours checking each and every file by hand for malicious code. It’s not actually as hard as it sounds as the code follows a predictable pattern but still… that’s a little under 5000 files!
End result? I’m back. I have several posts part-written either waiting on approval, needing photos to be taken or just plain “not finished”. That is my task today, to start banging out some content for all you lovely people!