While updating a number of other sites I also decided to clear out some of the test sites I have on my general hosting. Good move as it happens, I noticed the dreaded ‘1’ folder on my wordpress blog too. It’s usually found in the wp-content folder, nestling above the plugins and themes folders. Luckily there are easy ways to remove said inconvenience and I found them on the bontb website. Bontb, for those who don’t know or are just darn curious (like me!), stands for Blog or not to blog. Thank you Majo!
I generally have a neutral view of hackers, you could say that they come with a territory and are always a risk. Lock it all as tight as you can and ride out the storm of school holidays and study leave.
Of course that all changes when files appear on your server that you think has been locked tighter than a nut. I will admit I don’t look at everyone’s site every day so it didn’t hit my radar until my customer tells me his site is down. (A week after he comes back from holiday. By which time of course, 2 weeks have gone past and there are no logs to check how this happened and for proof.) At this point there is no berating the customer, they didn’t ask to be hacked and they are always right…
So it is time to hate the hacker.
All the time I have to spend talking to the host while they pass the buck and pretend it never happened because there’s nothing they can do anyway,
All the time I have to spend reassuring the customer,
All the time I spend uploading and installing a clean script install to replace the already latest version I had running,
All the time I upload products and attributes and other such things to the database,
All the time I go through the configuration files line by line,
All the time I upload custom text files,
All the time I re-upload the images,
I hate the hacker for trying to grab credit card data that the site doesn’t even accept [grr]
But then I have to laugh, the site is so quiet at the moment that the chances of them getting any results would be nil. There’s no credit card data accepted or stored.
I have to love the hacker who is so incompetant that their injected files do nothing but produce error messages that then cause the customer to call me to say their site is down. If the site had been popular or the customer less on the road it would have been reported same day and then the possibilities for proof and tracking could have been endless.
So although I’ve spent hours putting a site back together, I have to quote Nelson in saying