WordPress Blog Sites

Fellow WordPress Bloggers – A Cautionary Tale ?

2009-10-23:  Late last Tuesday night, and early into Wednesday morning … I was working quietly at my computer in a Vienna Hotel Room … carrying out some basic maintenance on this Blog Site … and deleting the latest splurge of ‘Missed’ Spam from a continuous torrent of Russian Spam being directed, I can only presume now, at many … or all(?) … WordPress Blog Sites.  I then returned to the Site’s Dashboard Page, and proceeded to Log Out.  Only … the Log Out Page was a blank.  I tried again and again to access it.  No success.  Later, I found out that we had been hacked !

You don’t believe these things, until it happens to you personally.  Well … it did … and there is no use in crying.  This is just a game being played by ‘nerds’ … for the benefit of other ‘nerds’ … and none of them have any understanding of Collateral Damage.

Our Apologies, therefore, for being off-line from just around midnight, local Irish time, on Tuesday night … until early in the afternoon of the following day, Wednesday 2009-10-21.  As part of the process of going back on-line, the Site has been cleaned and sanitized.  Unfortunately, we can do nothing about the WordPress Software itself.

Our Thanks must go to our backup ‘techies’ at 2bscene Ltd., with a special thank you to Tom.  Good work, men !   Smoke them, if you have them !!


Arriving back in Dublin, however, I again went to the Dashboard Page … and noticed this ‘cute’ little blurb on the WordPress Development Blog:

“WordPress 2.8.5: Hardening Release   2009-10-21

As you know, over the past couple of months we have been working on the new features for WordPress 2.9.  We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch, so as to get these improvements out there and make all your sites as secure as possible.”

What a load of old rubbish … and intended to obscure what had really happened !   Serious weaknesses in the WordPress Software had been exploited by the ‘nerds’ who hacked our Site.  Let’s hope that this latest WordPress Patch will be effective.

But … how many other WordPress Blog Sites had been hacked around the same time ?

And Another issue …

On the Dashboard Page of this Blog Site, we are being told that … over a certain period of time … Akismet has protected us from approximately 4,500 Spam Messages.

However … on the Akismet Statistics Page … over the same period … we are informed that approximately 3,800 Spams have been caught … while the number of ‘Missed’ Spam is always Zero.

I don’t know about anyone else … but, for me, those figures are a long jump away from adding up.

WordPress is a great format for Blog Sites … but, this is sloppy work from the WordPress People !   Do they give a damn about the ‘users’ … the general public … you and me ?



