SWX web site spam hack
Danny emailed me today to say that he'd noticed spam links on the SWX web site (thanks, man!) When I looked, I couldn't see anything. That is, until I looked at the source.
Somehow, someone managed to inject spam links and hide them using display:none. The actual code starts like this:
<u style="display: none">
And then includes the spam links.
I feel they may have gotten in through a vulnerability in the older version of Wordpress that the site is running. I am now in the process of upgrading it to the latest version (2.3.2) and having my web host check the servers.
In the meanwhile, though, I didn't want the bastards to gain another penny from having hacked my site so I whipped up a very simple Wordpress plugin that checks for and removes those links.
It's called Remove Hidden Spam and you can download it here (.zip; 718 bytes) in case you're affected by this also (Danny told me that Keith was hit by this recently too.) Just copy it to your plugins folder and activate it.
by Upgrading to Wordpress 2.3.2 at Aral Balkan on 2008-01-13 18:32:17
by Ben on 2008-02-13 17:31:33
by Keith Peters on 2007-12-30 22:35:18
by Claus Wahlers on 2007-12-31 00:54:40
by Ash on 2007-12-31 15:02:02
by Ronny on 2008-01-01 16:18:01
by Aral on 2008-01-02 09:32:44
by Matthew Keefe on 2008-02-16 20:05:49
by Claus Wahlers on 2007-12-30 23:05:10
by Aral on 2007-12-30 23:07:06
by Andrei on 2007-12-31 18:46:11
by Michael on 2008-05-13 08:38:43
by Michael on 2008-05-13 08:40:12
by Cronachesorprese » Prova tecnica - Plugin on 2008-03-18 10:59:27
by Mook on 2009-03-12 06:31:11