So one of my friends, Hunter, contacted me and let me know that the blog had been defaced. Basically a bunch of links were inserted into the SQL table that contained the links. I was able to quickly clean them up and then scanned through everything else looking for other problems. I didn’t find any and in particular I found no changes to the configuration information in the database NOR in any of the PHP code. I did, however, notice that there were some tens of thousands of userids defined and while I would like to think I have that kind of following looking at the IDs and emails addresses it appears that large numbers of them are/were bogus. It looks like they used some sort of vulnerability in the trackback functionality to insert data into the links table. I believe I have blocked that.
I have also implemented several spam/hacker type blocks on the blog. One of them is a new user activation scheme so that when users create a new account they will be mailed an activation code and will have to enter it the FIRST time they log on.
Further, I forced every account to be deactivated so EVERYONE that logs on the next time will need to enter a reactivation code. That code is simply a single specific word all in lower case… And that word is "reactivate" without the quotes. So you will type that exact word out for the activation code. Got it? 🙂
In a few months I will go through and purge the database of every ID that wasn’t reactivated.
If this is an inconvenience I apologize for that but I felt it was necessary enough to force the inconvenience.
joe
Hi Joe; wanted to let you know your tools are amazing; i’ve primarily used only the ds tools but from time to time needed to perform tasks they lacked with adfind and admod. thanks very much for your generosity to us all who use your gifts.
Glad they are useful for you! 🙂
joe
Hi Joe
I created an account today but have not been able to successfully login with the details provided. please advise next step.
As an alternative test I have created a second account and get the same situation the error is incorrect user name or password. I have cut and paste the details from the provided email. please advise next step
Apologies Ian. I did some troubleshooting and it was breaking on the activation code piece but in a way that wasn’t showing it to be that piece. I looked over the source code for that plugin and chased into the github project as well and I have no idea how it worked before. I had to add a line to it and now it appears to be functioning properly. Let me know.
joe
Hi Joe
I am in and the activation code is working fine! Thank you!
Awesome. 🙂