Site was hacked

If you’re someone who noticed that the site was down for half
an hour or so this morning, I apologize. The site had been hacked
and I had to restore it to a version without drug ads all over the
version fed to text browsers.

One thing I don’t know how to back up is the widgets settings.
This is the things in the right sidebar that help you find the
posts most people read, or the ones about knitting, or how to
subscribe in an RSS feed.

I have most of the ones that are important to me back, but if
there’s something you like that’s gone missing, let me know.

Future plans

When people give you advice about how to avoid this problem,
they always say to make sure you have the latest version of the
software. I have in fact been quite conscientious about upgrading to the
latest version of wordpress, and there’s a real possibility that
the hacking happened on the upgrade yesterday morning.

Certainly one of the problems that has meant very few posts
recently is a bug introduced in WordPress 3.1.1 and not fixed in

I found this bug very shortly after upgrading, so
I haven’t “upgraded”, and it wasn’t hacked.

So I’m afraid the moral of the story may be that you shouldn’t
use WordPress, not because it isn’t good software with a large and
active community behind it, but because so many people use it that the hackers have
a large incentive to figure out how to hack it.

So if anyone has actual experience with one of the
alternatives, I’d be interested in hearing about it. Drupal and
Joomla are two that I’m thinking of looking into.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: