The BIG Reason

Music, opinions, and portfolio of Mark Eagleton, musician and web developer in Northern CA.

Some Hackings

My apologies for the broken image links and any spammy redirects you may have encountered here recently. My shared server was victimized by some bot hacking, and I’m still tidying things up.

If this interests you

I had an ancient WordPress install nested deeply within a development domain that I had neglected to remove. It escaped my attention, being so deeply nested within. And merely being a test install, I likely played with it for a while, got distracted, and forgot about it.

I remember deleting the database at some point shortly thereafter, but this distraction must have been enough to keep me from following through with the removal of the actual files from the install.

As it turns out, the directory that stored all the uploaded files for the blogging software was world writable. This was the exploit, and frankly, I’m surprised it wasn’t exploited years ago! As it turns out, quite a few folks on my hosting provider were exploited the same way in recent weeks.

The exploit allowed for the upload and execution of malicious code that injected some PHP into some of the files on my server. This code inserted some JavaScript redirects for my site visitors, and left a back door open to allow for future hacking upgrades and malware reinstalls for the hacker.
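An audit for the conditions described above (a forgotten WordPress install, a world-writable uploads directory, PHP sitting where only media belongs), as an added example that is not part of the original post. The function names are hypothetical, and it assumes dropped code ends up under a directory named `uploads`.

```shell
#!/bin/sh
# Added example: audit a web root for the weaknesses the post describes.
# All function names here are hypothetical, not from any tool.

# Directories that any local user on a shared host can write to (o+w).
world_writable_dirs() {
    find "$1" -type d -perm -0002 2>/dev/null | sort
}

# Every WordPress install under the root, however deeply nested, with the
# version recorded in wp-includes/version.php ($wp_version = 'x.y.z';).
wordpress_installs() {
    find "$1" -type f -path '*/wp-includes/version.php' 2>/dev/null | sort |
    while IFS= read -r f; do
        v=$(sed -n 's/^\$wp_version = .\([0-9][0-9.]*\).*/\1/p' "$f" | head -n 1)
        printf '%s %s\n' "${f%/wp-includes/version.php}" "${v:-unknown}"
    done
}

# PHP files inside an uploads directory, which should hold media only.
php_in_uploads() {
    find "$1" -type f -path '*/uploads/*' -name '*.php' 2>/dev/null | sort
}

# Print every finding with a label; return 1 if anything was found.
audit_webroot() {
    report=$(
        world_writable_dirs "$1" | sed 's/^/world-writable dir: /'
        wordpress_installs "$1"  | sed 's/^/wordpress install:  /'
        php_in_uploads "$1"      | sed 's/^/php in uploads:     /'
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Stand-alone use: sh audit.sh /path/to/webroot
if [ "$#" -gt 0 ]; then audit_webroot "$1"; fi
```

Each listed install is worth checking against what is actually supposed to be live; a version far behind current on a path nobody remembers is the situation the post describes.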

It was a pain in the ass to investigate, but not too big a deal to remove once I found the source and purpose of the exploit. I also used this opportunity to do some thorough house cleaning and password resetting.

Unfortunately, my house cleaning resulted in me accidentally deleting the uploads directory for my blog. My last backup was too old to account for everything, so there will be some broken image links until I can get a more recent backup from my host.

It’s common for web developers to let their personal sites go lax periodically. We get busy. We burn out. We get distracted. It’s important to remember that website neglect doesn’t only affect the relevancy of your content. It can also lead to security issues, especially on the inexpensive shared host you keep on hand for proof of concept builds.