Eeek! First off, let me say Thank God that I had the WordPress plugin “WordPress File Monitor” installed, because that is what alerted me to the problem. Note to Bart B if you are reading this, heehe, I am glad I wasted my time with that voodoo! 😉
So, I get an email today from the WordPress File Monitor (dated yesterday, I am slow) informing me that a bunch of files were uploaded to one of my other blogs in the “uploads” directory – left as 777 permissions for easy photo uploading.
In the uploads directory, a file named “img1.php” was added, along with a fresh new directory named “2008” with a bunch of sitemap files. (note: I just started this blog in July of 2009, and I have no entries or uploads from 2008, so it was very fishy.)
So, of course my first thought is am I going crazy? Did I somehow upload these files without knowing? Initially at first I didn’t notice the .php file, so I only thought the 2008 sitemap files were added.
I contacted my host, and she assured me that it wasn’t anything too terrible, that it was an everyday, run-of-the-mill spammer. Sneaky spammers! She has seen this sort of thing many times.
She suggested I change my WordPress password and check the database for any extra users. I found no other user accounts, thankfully!
For future reference, I found two articles that list details on how to find and remove any hidden admin users:
But now I am left puzzled on how they got in!
My WordPress admin password was pretty strong – 15 characters (numerical, upper and lower case letters) and I wasn’t using the default “admin” as my user name either. My host also suggested it might have been from “an exploit via a plugin that isn’t secured against arbitrary remote inclusion/retrieval”
I am only running 4 plug-ins. Akismet, Hello Dolly, WP Security Scan, and WordPress File Monitor. I did also have the un-updated WordPress Exploit Scanner plug-in, but it was left de-activated. I have since removed it from the plugins folder.
I suppose since I don’t have a secure login, I imagine that possibly my password could have been bypassed? I dunno. I think I might install the Login Lockdown plugin – yeah, Bart more voodoo!
Well, anyway, I am going to really search through my files and make sure everything else is alright.
I found an article that might help me search through the database just in case the spammers attached anything to my posts.
Right now, it doesn’t look like much damage was done. But worst-case scenario, I have database backups every night. I can always revert back to one of the older ones and re-create the newer entries I wrote, or I could even export my entries and install a fresh copy of WordPress. We’ll see.
So, be wary of your WordPress blogs! I dunno how they got into mine, but they did, and thankfully I was lucky and it wasn’t too painful!
PS. I took a look at the .php file they added, and one of the first lines of code was $language='ru' (aah, From Russia with love!) But anyway, here is some of the code from the file:
error_reporting(0);
$language='ru';
$auth = 0;
$name='abcdef1234567890abcdef1234567890';
$pass='abcdef1234567890abcdef1234567890';
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
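An added example (not from the original post or from any plugin named in it): a small Python audit of an uploads directory that flags the three things this incident showed, namely a world-writable directory, a script file where only images belong, and the error-silencing and restriction-reset calls quoted from img1.php. The function names, extension list and sample tree are assumptions constructed for the illustration.

```python
import os
import re
import stat
import tempfile

# Extensions a web server may execute; a photo uploads folder should hold none.
SCRIPT_EXT = {".php", ".phtml", ".php5", ".phar"}
# Calls quoted from the dropped file: silencing errors, resetting PHP restrictions.
MARKERS = re.compile(rb"error_reporting\(0\)|ini_restore\(|ini_set\('error_log'")

def audit_uploads(root):
    """Return sorted (relative_path, finding) tuples for an uploads tree."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        # World-writable directory: the 'other' write bit, as in mode 777.
        if os.stat(dirpath).st_mode & stat.S_IWOTH:
            findings.append((os.path.relpath(dirpath, root), "world-writable directory"))
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if os.path.splitext(name)[1].lower() in SCRIPT_EXT:
                findings.append((rel, "script in uploads"))
            try:
                with open(path, "rb") as fh:
                    head = fh.read(65536)  # the markers sit near the top of the file
            except OSError:
                continue  # unreadable file or broken symlink: skip content check
            if MARKERS.search(head):
                findings.append((rel, "restriction-reset calls"))
    return sorted(findings)

def build_sample_tree():
    """Constructed sample: a 777 uploads dir with one photo and one dropped script."""
    root = tempfile.mkdtemp(prefix="uploads-")
    os.chmod(root, 0o777)
    with open(os.path.join(root, "photo.jpg"), "wb") as fh:
        fh.write(b"\xff\xd8\xff\xe0 constructed image bytes")
    with open(os.path.join(root, "img1.php"), "wb") as fh:
        fh.write(b'<?php error_reporting(0); @ini_restore("safe_mode");')
    return root

if __name__ == "__main__":
    for rel, finding in audit_uploads(build_sample_tree()):
        print(f"{finding}: {rel}")
```

Run against a real wp-content/uploads path, any output at all deserves a look, since a photo directory should produce none.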
It’s been advised to change the default “admin” user name on WordPress installs, and it sounded like a great idea, until I tried to do it.
I found instructions, but details on how to actually edit the mySQL table were not explained. I tried to figure it out, but it just seemed too complicated.
The instructions over at guvnr.com were very helpful, but I didn’t want to start a new admin username, and delete the default user name, when I had so many older posts.
Well, I figured it out. WordPress allows you to move your posts, pages, etc to a different user! Yay!
Add a new user with Admin privileges.
Go to Edit Posts and select all posts on the first page
Choose “Edit” from the Bulk Edit pull down menu and hit the Apply button
In the Bulk Edit editing area, choose your new user account from the Author pull down menu.
And lastly, hit the “Apply” button.
Go through each page of posts and repeat.
Awesome! I love WordPress!
ETA: hahaa, okay, I admit I am a big dope. I went through the above steps on one of my WordPress blogs. After all posts were moved to the new user, it was time for me to delete my original admin user account.
I guess when you delete a user, WordPress asks you if you want to attribute all posts to a new user, and gives you the opportunity to do so.
Oh well, I guess you all can ignore this post! haha!
One last note: Just make sure before you delete that you are logged out of the original admin account and logged in to the new one. And for safety, BACK UP your database first!!! Just in case!
Slowly, I am working through all my WordPress blogs and trying to make them more secure. I have found several web site articles and WordPress plugins that have been very helpful.
http://wordpress.org/extend/plugins/exploit-scanner/ – WordPress Exploit Scanner – this one is a bit tricky, the version on the author’s web site is older (version 0.3) and that has legit md5 checksum, but there doesn’t seem to be a md5 checksum for the version 0.4 that works with newer versions of WordPress, so I am not activating this until I can research further.
New blog article from Matt – UPGRADING is the only way to keep yourself safe!
I needed to convert a text document with personal data to an Excel spreadsheet. I wanted to use Neo Office (Open Office) but couldn’t find a way to import text, so I fired up my Windows XP virtual machine, and installed an old copy of Office 2000.
So, here’s the dilemma, the data was pasted into a text file from a web page and it was formatted with line breaks. There were 180 blocks of data like this:
After googling, I found that it’s fairly easy to import text as long as there is some sort of delimiter like tab, comma, semi-colon separating the data.
In Excel, choose Data>Get External Data>Import Text File
Initially, I tried comma, but didn’t work well, since some of the text data already had commas, so I decided to use a semi-colon delimiter.
I typed a semi-colon after each section & painstakingly removed each line break.
I worked in small chunks, importing after a few sections. This was taking forever. I needed a short cut!
Since I was using Text Wrangler, I figured there might be a way to automatically remove the line breaks. Yay! Found it. Text>Remove Line Breaks. Couldn’t be easier!
Okay, now if only there was a way to somehow add a semi-colon after each line. Whoo-hooo, how about this:
I selected each section, added the suffix of “;” then removed the line breaks.
Text Wrangler cut my work in half!
NOTE: When Text Wrangler removed the line breaks, it added a space in between the items, so that messed up my spreadsheet by adding a space before each item in the cell. Before I imported, I did a “find/replace” and replaced all the ;(space) with ; and that worked!
I was having trouble with my WordPress admin login using Firefox; I would need to login every time my browser window was closed or I exited Firefox. Strange because one of my other WordPress blogs had no problems.
I cleared Firefox cookies, my cache, passwords, form data! Nothing seemed to work. I tried it on Safari, and same problem. Wouldn’t “remember me” and I would have to log in every time. So, I knew it wasn’t just a Firefox issue.
Then I found this post on the WordPress Support forum.
I had my Settings>General>WordPress Address set for “http://www.splashofstyle.com” with the “www” but whenever I tried to access the blog, (typing the address or from any of my bookmarks) I was using “http://splashofstyle.com” without the “www” – THAT was the problem; it didn’t match the WordPress Address setting, so it made me log in every time.
So, now I am consciously including the “www” whenever I access my WordPress Admin and it now remembers me every time. yay!
I knew setting a future publish date could be done in WordPress, but I never really had a need for it. But I decided to try it out on another WordPress blog and it works great!
On your ‘Add New Post’ page, on the right column, there will be an option to ‘publish immediately’ or click the ‘edit’ link to change the publish date. It’s also a good way to publish past dates too.
Change the publish date and click OK
The new publish date is displayed. You can change it at any time by clicking the edit link. Hit the “schedule” button to update your post.
I have been working with Espresso code editor from MacRabbit, and so far it’s been a good experience, but I wanted to learn more about Espresso Sugars….Sugars are little plug-ins for Espresso. Don’t ask me exactly what they all do, because I am just learning; but I believe they add functionality and coding languages to Espresso.
I downloaded the Expression Engine sugar, since that is the CMS I have been working on. I figured it would be a great help to have the Expression Engine coding easily accessible.
So, I copied the .sugar file into the sugar directory, and tried to figure out what to do next. I felt pretty stupid! I found the Expression Engine codes in the Actions menu, but they were all grayed out. huh? In fact, most of the Actions seemed to be grayed out.
I found nothing on Google, so I figured it was best to ask for help on the Espresso Discussion Forum for sugars. I quickly received an answer from Anthony Short, who I just realized is the author of the Expression Engine sugar! ha! Too funny.
Anyway, he told me Espresso should be able to automatically figure out that it’s an Expression Engine document (which it wasn’t doing) but if not, I needed to set the language for the document under View>Language.
That did the trick! All the Expression Engine coding was magically listed in the “Snippets” panel. The coding also works with code completion, which is a lot easier!
Unfortunately, there is no way to permanently set the language to Expression Engine for the document. Once you close the file or quit Espresso, it reverts back. I hope there is some way to save the document language in the future.
I have been a faithful Expression Engine user since 2004. I was lucky enough to be one of the thousand or so people who received free copy way back when. Movable Type had just released version 3, and there was a huge uproar over the new licensing agreement. Pmachine (Expression Engine) decided to take advantage of the bad publicity and give away a ton of free copies (originally $149).
Anyway, I have been a fan ever since. Yeah, version 1.5 might be looking a little long in the tooth, but it works for me. I know they are busy perfecting the new 2.0 version so it’ll be worth the wait.
So, back to the point of this post. I use Expression Engine on another large web site I have. It’s been almost 4 years since I last designed it, and it’s in bad baaaad need of a redesign. It’s true that if you don’t use it, you lose it; a lot of my web coding knowledge has been tucked away into back pockets in my brain, so it’s also been a challenge to relearn CSS. There has been so many new tips and tricks, and the good news is, no need to design for old outdated browsers. I do still need to worry about IE6 users, but further back than that, nope. Done!
So, for the past week or so, I have rolled up my sleeves and concentrated on relearning CSS and the Expression Engine design tags & templates. It’s been a blast. I forgot how much I loved coding!
I don’t know if anyone will care about my redesign process, but I figured that I would try to document it anyway, at least for my own sake.
Where to start?
EEk, held my breath as I used the WordPress automatic updater. I have always updated manually using sFTP, but with the release of WordPress 2.7, there is now an option to auto update.
I used the auto-update on another blog, and it was quick and painless, but with the Splash of Style site, I didn’t know if it would mess up my personally coded theme. And it looks like it worked seamlessly. phew.
For those that haven’t updated to WordPress 2.7, do it! It’s great!
I have a blog for my Rat Terrier dog, Mindy. But since we just added a new Rat Terrier to our family, I wanted to start a new blog with a new domain name. I didn’t want to lose all my original blog entries and comments, etc.
I thought I was going to have to import data from the old MySQL database, and that was kind of a scary thought. But it turns out it’s much easier than that.
In your original WordPress blog, click Export under Tools