More on the blog hacking

 Posted by (Visited 14723 times)  Game talk  Tagged with: , , , , , , ,
Apr 152008
 

I keep updating this post as I learn more. So if you’re affected, there’s new material at the bottom. I am currently running this full sweep every day, because each day I find something different. But three days ago there were twenty things, yesterday five, and today only one, so maybe I am getting closer.

Latest news 4/25/08: blog seems secure again. But be sure to do the “secret key” thing newly listed at the bottom as well!

So, I mentioned before that I was a victim of a hack. It was a spam injection attack — the one known as the Goro injection attack. But my symptoms were slightly different from some of the ones I have seen on the net, so here’s some war stories even though I suspect the blog is STILL not clean.

First, read these two posts:

Also read the advice from Jeff Freeman in the last post on this.

OK, in addition to that advice, I also had the following problems:

Continue reading »

RSS feed fixed

 Posted by (Visited 6597 times)  Misc  Tagged with: , ,
Apr 082008
 

Someone finally pointed out to me that the feed has been busted for days. It’s fixed now. So you can go catch up, if you read the blog that way. Also upgraded one more version — almost to 2.5 finally. Sheesh.

I see I now have this nifty tagging feature. There’s a tag cloud over on the sidebar now, and I tagged some of the recent posts. I also installed a plugin that lets readers tag posts — it’s at the end of each post, and it lets readers suggest tags. Enough people agree, and the tag goes on the post. Spaces are allowed in the tags. So have at!

Work in Progress!

 Posted by (Visited 7665 times)  Misc  Tagged with: ,
Mar 272008
 

Trying to upgrade since the header file got hacked again today. Sorry for the interruptions. Hope to have things back to normal in a bit.

ETA: ok. turned the plugins back on for now. Things should look ok again. We’ll keep an eye on things and replace the header again if need be. Upgrades seem to be stalling out for no apparent reason.

Blog seems functional again

 Posted by (Visited 11323 times)  Misc, Open thread  Tagged with: ,
Mar 242008
 

You may have noticed the blog being partially inoperative this weekend. Well, it seems to be back. We’ll see how it goes during the day.

The background: on Friday or Saturday I attempted to log into the admin dashboard only to be told that I had to upgrade my database. I assumed it was because my host was forcing me to go from the old 2.1.x version to the newer 2.3.3 version which has a lot of security fixes. Well, I clicked the “upgrade” link, it didn’t work, and then the dashboard became inaccessible. I got stuck in the endless upgrade loop described here.

I then spent two days trying forced and manual upgrades to 2.3.3, 2.2, and every number in between. Looked like it was always timing out when trying to update things. While I wasat it, though, I also uploaded the images for the new theme that I have been messing with — so at least there was a new look. 🙂

Morgan suggested forcing a database upgrade, which I didn’t see the point of, given that said upgrade is exactly what was failing each time. But it did make me go look at the value of the db_version field in the wp_options table. Which was “1” instead of what it should be. I changed it manually to 4773, and the upgrade link succeeded, and now it’s at 5183 (which is correct since we are currently running 2.2.3). So thanks, Morgan!

Tonight perhaps, I will try finishing the job and going all the way to 2.3.3. In the meantime, you may notice that some blog functionality is missing — translation, for example. Most of it is just commented out, and I will have to dig into the PHP for the sidebars to bring it back. The new theme is supposed to have a bunch of stuff rearranged, but I suspect it makes no sense to do that until I get to the latest version.

Post here if you see any obviously broken stuff, please!