Too Posh To Mosh

Random crap by Dave Rutt

Malicious content?

Is that even how you spell malicious? Oh, it is. Anyway, it seems that Google has found some malware hosted on my blog and has thus flagged my site as “potentially dangerous”.

If you’re using Firefox or another browser that checks Google’s list of bad sites you’ll get a a big red page telling you that my site may harm your computer. It won’t and probably didn’t previously but I have found some code inserted into various places.

It’s possible, but unlikely,  that my site passwords were hacked. I don’t use easily-guessable passwords these days and I use a plugin called Login Lockdown that prevents multiple login attempts into the admin backend. It’s most likely that another site hosted on the same server is using some insecure script or other and someone prick has managed to get root access, or similarly administrative access, to the server itself.

I had a zero-sized iframe inserted into only one of the links in my blogroll and some malformed javascript inserted into the header and footer php files. Neither of these things were properly written – the syntax was all wrong in both cases – so whoever it was didn’t do a great job, but the URL of a known malware site was left in my source code and Google was able to pick up on that.

It’s good that Google does this, in cahoots with stopbadware.org. It’s a pain for me, in that I need to get my site reviewed again by Google so that it can be taken off the list, but also helpful in that they’ve found the attack for me. I’d have never known about it otherwise, not without scanning the site code and database – and there’s a LOT of code!

I’ve changed all my passwords just in case, along with changing the database name and user password. It shouldn’t happen again, but then you can never really know for certain when you’re using shared hosting.

Next Post

Previous Post

3 Comments

  1. Toxie December 10, 2009

    It’s a pisser.

    There’s a couple WP plugins – “WordPress Exploit Scanner” and “WP Security Scan” – might help get anything else nasty lying about.

    And just after I’d visited here a couple of strange files showed on my PC, thankfully just install files from Malwarebytes update.

  2. Toxie December 10, 2009

    Really should proof read my comments before posting

  3. rutty December 10, 2009

    I’ve edited it for you 😉

    I’ll get those added in. Cheers 🙂

© 2017 Too Posh To Mosh

Theme by Anders Norén