So the reason I haven’t posted here in a while is because I got a new job!
As of about six weeks ago I started working full time with Google as a Strategic Partner Manager, in the EMEA Reseller team. It’s been fun, exciting, and a lot of work and material to learn and (hopefully) master in quite a short amount of time.
If you’re curious what “Reseller” means at Google, here are a couple of links:
Finally, a disclaimer: The views and opinions I post here on my blog are mine, mine alone, and not those of my employer. I don’t (and wouldn’t presume to) speak for Google. (And no, I can’t talk about any cool new stuff that hasn’t been released. Most of the time I only find out about it when it’s released, anyway.)
It’s going to take a while before I get back to posting regularly, but I’ll eventually find the time.
While WordPress is great software, its ubiquity means that a lot of script-kiddies and general hackers like to attack it. All of the different settings, options, plugins and the rest mean that it takes quite a bit of work to balance letting people participate (through comments, postings) while keeping spammers and hackers out.
About a year and a half ago, my blog was hacked. I was notified of it by Google’s webmaster tools, and it took quite a while to go through all the different files to find the offending code and strip it out. It ended up being located in a number of different places, so it took a few go-through’s re-submitting the site to Google before the hack-detection software declared it clean.
I was always a little worried that I hadn’t gotten it all. Recently, I came across a great couple of blog posts that I highly recommend:
— — — — — — — — — — —
Files that were uploaded:
All the php files were nearly identical. Here’s the code:
I don’t code in php, so I don’t really know what this says, but hopefully it might be useful to anyone afflicted by the same script.
I highly recommend if any of you have WordPress blogs to take these same steps to see if you’ve been hacked.