If you noticed the site looking funny Sunday morning, it's because I was reinstalling the server-side blog software I use, which is called WordPress. Some time in the last month or two this blog was hacked, through a vulnerability in WordPress that is described here.

The effect of the hack was to inject hundreds of links to spammers' web sites into the text of the blog, in one case visibly and in one case invisibly. This benefits hackers because if they can get a lot of web sites to link to StupidViagraSite.com, Google will think StupidViagraSite.com is "interesting," and will rank it highly in search results.

Here's what I did:

  • I deleted the spam links.
  • I upgraded WordPress to a version that fixes this vulnerability.
  • I changed all relevant passwords and took other security precautions.

We are back to normal now.

Add a comment