[fr] Nouveau serveur. Sans spam, avec un peu de chance.
I’ve spent the last two weeks in a kind of blog-limbo. After thinking I had rooted out my spammers, I had the bad surprise to find my pages spam-riddled again a few days later (after having proudly demonstrated to my SAWI students the consequences of being hacked). Long story short, we found a cute little remote shell in PHP and removed it from the server, discovered that PhpMyAdmin was compromised (I know, no rude comments please), but had a hard time finding out exactly where the spam itself was hidden (all the obvious stuff listed in various “get rid of pharma hack” and “what to do when your WordPress install gets hacked” blog posts yielded nothing).
This whole “being hacked” thing was starting to feel unpleasantly like a flea infestation: you think you’re rid of them, but here they are again!
After many hours of digging, we decided it was not worth losing more time as a server move was in the works anyway. If you’re reading this post, you’re accessing Climb to the Stars from the shiny new spam-free server, yay! Needless to say security has been tightened up and we will be monitoring it closely for any suspicious activity.
Expect normal blogging to resume at some point.
Similar Posts:
- On Being Hacked [en] (2011)
- Server Migration [en] (2015)
- Nestor Angulo de Ugarte: The strange case of malicious Favicons [WCGVA 2022] [en] (2022)
- Stories to Listen to, Moderating Blog Comments, Teaching Blogging [en] (2015)
- I Hate FTP [en] (2009)
- Emergency SMTP Server for OS 10.3 [en] (2004)
- Quick Comment Spam Tip for WordPress [en] (2004)
- TrafficMagnet Spam [en] (2002)
- Ingress: My Leveling-Up Advice So Far [en] (2015)
- A Blog About Web Analytics I'm Going to Read [en] (2010)