Site recovery

I’ve most mostly offline these past few days, because I was recovering and cleaning this site (along with a bunch of others) from some malicious code that got inserted into the blog files due to the server account they reside on being exploited—or, in other words, the blog was hacked.

From a technical perspective it was innocuous enough: a bit of encoded PHP code (“PHP” is the programming language WordPress is built on) got inserted into the site files that simply redirected users coming from external links to spam or malware sites. The code itself was easy to spot and subsequently easy to clear out, but it had infected a lot of files so it took time, and of course I’ve been closely monitoring the sites since cleaning things up and locking them down to make sure it didn’t happen again.

So, if you’d tried to visit this blog over the past several days by clicking on a link from another site—Google search results, for instance, or Facebook posts—then you would have been redirected to something else entirely (possibly triggering a malware warning in your antivirus program). However, visiting the site directly—typing “thebrewsite.com” into the URL bar directly, or clicking from bookmarks—bypassed this redirection so if you didn’t know better, you wouldn’t know the site had been compromised.

Anyway, everything’s back to normal for the moment so I will resume blogging shortly.

Comments are closed.