WordPress Hacked
Feb 24th, 2009 by sharps
I noticed earlier today that this blog had disappeared from Google’s search index. I only check my stats infrequently so don’t know when it happened but I quickly confirmed with:
And after a bit of Googling I arrived at the conclusion that my blog had been purposely removed from the Google Index due to a violation of Google’s Quality Guidelines, and Google’s Webmaster Tools confirmed this with the explanation that my site had some dubious hidden links. Viewing the source showed a block of hidden links pointing to some shitty web-sites advertising all the usual shitty stuff that no-one gives a shit about. I trawled through the WordPress templates and found some suspect base64-encoded script in the footer which I deleted and quickly confirmed was the culprit.
So that was a waste of 10 mins or so and I’ve wasted at least another hour researching WordPress security and analysing my site to make sure nothing else was compromised; then patching things up. To save you some time I’ve included some quick things you can do to make your WordPress installation less hackable:
1. Give your admin user a really tough password or, better yet, drop into MySQL and delete the admin user completely (assuming you have another admin user already).
2. Run your site through wp-scanner – it will highlight common potential exploits.
3. Make sure WordPress is up to date. Plugins too.
4. Change the default MySQL table prefix (remember to back up first).
I still don’t know how / when my site was hacked or by whom – I really can’t be bothered to trawl through the Apache logs to find out and really don’t want to give the cock-sucking spam hacking time-vampires any more of my time.
It’s interesting to note that this particular exploit is really pointless – if Google pulls the hacked site from their Index – it serves no purpose.
Hope this helps, leave a comment if there are any other good tips for securing WordPress.
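
An added example, not part of the original post: a small Python check that walks a theme directory, finds base64 string literals in the PHP templates and decodes them to see whether they hide links, which is the kind of footer injection described above. The function names, the regular expressions and the sample theme are assumptions constructed for illustration.

```python
import base64
import binascii
import re
import tempfile
from pathlib import Path

# Quoted string literal made of 40+ base64-alphabet characters.
B64_LITERAL = re.compile(r"""["']([A-Za-z0-9+/]{40,}={0,2})["']""")
# Signs that a decoded blob carries hidden or injected links.
LINK_MARKERS = re.compile(r"<a\s[^>]*href|display\s*:\s*none|https?://", re.I)


def scan_theme(theme_dir):
    """Return one finding per decodable base64 literal in .php files under theme_dir."""
    findings = []
    for path in sorted(Path(theme_dir).rglob("*.php")):
        text = path.read_text(encoding="utf-8", errors="replace")
        for match in B64_LITERAL.finditer(text):
            try:
                decoded = base64.b64decode(match.group(1), validate=True)
            except (binascii.Error, ValueError):
                continue  # wrong length or padding, so not base64
            decoded_text = decoded.decode("utf-8", errors="replace")
            before = text[max(0, match.start() - 40):match.start()]
            findings.append({
                "file": path.name,
                "line": text.count("\n", 0, match.start()) + 1,
                "near_decode_call": "base64_decode" in before,
                "has_links": bool(LINK_MARKERS.search(decoded_text)),
                "preview": decoded_text[:60],
            })
    return findings


def demo():
    """Scan a constructed two-file theme (sample data, not taken from the post)."""
    hidden = '<div style="display:none"><a href="http://spam.example/">cheap stuff</a></div>'
    blob = base64.b64encode(hidden.encode()).decode()
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "header.php").write_text("<?php wp_head(); ?>\n")
        Path(tmp, "footer.php").write_text(
            "<footer>\n<?php wp_footer(); ?>\n"
            f"<?php echo base64_decode('{blob}'); ?>\n</footer>\n")
        return scan_theme(tmp)


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A finding with both `near_decode_call` and `has_links` set is worth opening by hand; a base64 literal on its own can be legitimate, such as an embedded image.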

> this particular exploit is really pointless
Unless the point is to have the target site pulled from Google
The awesome guys at Contegix also have a general HOWTO on security with WP:
http://thoughts.contegix.com/2008/03/28/wordpress-security-and-you/