Sometime in the last few days, one of my blog sites, http://www.queenofkludge.com fell prey to a virus. The virus inserts code into each and every .php file on the host ... the code starts with "/**/eval(base64_decode" followed by a long string of letters.
If I had been feeling more patient yesterday, I might have taken the time to work on fixing the site ... after all there is no shortage of advice on the internet.
Instead, I figured "screw it", and I deleted the entire F**ing site.
Fortunately, Jeff Turner and partner Steve Zenhqut released their WordPress Plugin to Import Active Rain Posts just in time.
So after a new clean install of WordPress, I used the Wordpress Plugin to Import ActiveRain Blog Posts to repopulate the site with posts.
I also installed the feedwordpress plugin to automatically copy my AR posts to http://www.queenofkludge.com from here out.
Couple of quick notes:
BitZipper is great for unzipping all sorts of esoteric compression formats, including .gz files.
If you have over 1,000 Active Rain posts, your file .xml file will exceed the default 2MB WordPress import file size limit. In WordPress MU, this can be changed in the Admin Options panel. In single user WordPress you will need to insert this line in your php.ini or php5.ini file: upload_max_filesize = 64M
I have now changed the FTP password for all my sites, and changed file permissions for several of them. I don't know if this will help prevent future malicious attacks, but I figured it was worth a try.
Now, if I could only remember what it was I needed to do before losing a day doing this.... :-)
(The origianal Victorian image is from LunaGirl Images)
Hi Cheryl,
How do malicious hackers choose their targets? Is it totally random, a grudge, or do they seek out the most vulnerable sites?
My email this morning had a Feedblitz that the Queen of Kludge site had changed. I sign up for things on a reader, not something that comes through email, so better to control my time. Not recognizing the name, I went to delete the feed and the page that showed up was Da Blogmother. I recognized that as you, so did not complete the Unsubscribe.
Then I googled "queen of kludge", was not comfortable going to that site but recognized an ActiveRain site, which I trusted, and came here.
Lo - I not only learned what was happening, but how to populate a blog of my own with ActiveRain posts.
Thanks - and good luck getting rid of the Bad Guys.
Bruce ... Random. Here's a good article
http://www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-losotrana-on-godaddy-and-mediatemple /
Sharon, you might as well unsubscribe, since Queen now has the same info I publish on AR. :-)
What timing!
I am looking for my php.ini or php5.ini file to insert upload_max_filesize = 64M
Maureen,
If you have FTP access, you'll find it in the root directory. It won't show up in the online WP editor ... to protect it from inadvertent alterations.
I will look in my root directory... I am expecting to see tubers there... I hate FTP but I have been playing with it for the last day thanks to Jeff Turner.
An FTP program can be very handy to make quick edits live - online.
Tubers! LOL!
Maureen, given that your post archive is much larger than mine, you may need to make that line upload_max_filesize = 256M or even 512M :-)