Hacked

As people probably noticed, lately someone hacked my WordPress installation and turned this blog into a pharmaceutical link farm. I asked Dreamhost for help and they sent me sort of a friendly “have fun fixing that!” message, but they did run an automated scan indicating that something was wrong with my wp-config.php file. Sure enough, it contained a big chunk of PHP nastiness. Is it enough to just delete that and upgrade to the latest WordPress? Hopefully so. The posts and comments seem uncontaminated, at least at first glance. If things aren’t really fixed or go wrong again I’ll have to nuke the whole blog and restore from saved files — no fun.

Looking back, it’s not clear why Dreamhost’s “one click” WordPress install came with a plugin that disables WP updates. Also not clear why I failed to notice this.

I took a quick look at incoming search traffic and people actually do search for this stuff. Just today I got:

  • where ca i buy valium [sic]
  • xanax for sale no prescription
  • activists on xanax
  • phentermine 37.5 without prescription
  • canada phentermine
  • where to buy drugs in toronto

I like “activists on xanax,” it sounds like a band.