Comments on: My blog got hacked, probably at Blogworld Expo

By: Murfreesboro Cabling

Murfreesboro Cabling — Sun, 12 Oct 2008 22:26:06 +0000

Sorry to hear that your blog was hacked, this is a problem when you use someone else’s software, you do not know how well the code is written.

By: Hacker Forums

Hacker Forums — Tue, 07 Oct 2008 20:00:28 +0000

Most all hacks are from people not upgrading their software.

If you don’t make a ton of changes, just backup your template one time, then create or download a script to email you a database dumb every couple days.

By: contentious.com - Bluehost’s Bad Attitude: Customer Service 101

contentious.com - Bluehost’s Bad Attitude: Customer Service 101 — Sat, 02 Feb 2008 17:59:33 +0000

[...] were generally going OK with hosting both sites on my Bluehost account, until last November, when Contentious got hacked — someone sniffed my password when I logged on over open wifi and inserted spam into my blog. [...]

By: Chip Neville

Chip Neville — Wed, 14 Nov 2007 02:51:12 +0000

This illustrates a critical security flaw in the design of Wordpress and most CMSs (Content Management Systems). They do not provide secure https for logins, where passwords must be sent over the net, and administrative access. Only Plone , and maybe some of the Java based systems, seem to provide this capability, but only by tearing your hair out first. If Wordpress provided it transparently, you would have used it, and your password would not have been stolen.

By: contentious.com - This blog is still hacked, grrrrrrr…..

contentious.com - This blog is still hacked, grrrrrrr….. — Tue, 13 Nov 2007 15:49:35 +0000

[...] in advance to my readers, but it appears my hacker woes are not yet [...]

By: Amy Gahran

Amy Gahran — Mon, 12 Nov 2007 18:48:59 +0000

TDavid, Mark — yes, I’m definitely looking into an EVDO connection. Thanks. But I still need a more secure solution in the meantime. It’ll be a few weeks before I can pull that into place.

- Amy Gahran

By: Jim Turner

Jim Turner — Mon, 12 Nov 2007 17:21:00 +0000

Amy,

Looking back now, I may have also been hacked. I was trying to post to my blog so I could show the audience in my presentation something, and suddenly I lost my blog’s template. I’ll let you know when I find out what happens. Perhaps at the next meetup. Good luck!

By: Mark Jaquith

Mark Jaquith — Mon, 12 Nov 2007 17:16:21 +0000

Never, ever, transmit a plaintext password over unsecured WiFi. Heck, probably not a good idea to do it over WEP’d WiFi either.

Solutions: HTTPS, VPN — or just forget about the WiFi and get an EVDO card. A few trips to Starbucks/hotels/conferences a month and it will pay for itself.

By: TDavid

TDavid — Mon, 12 Nov 2007 17:11:08 +0000

Suggestion: get your own EVDO connection — don’t use conference WiFi which usually suck anyway.

By: contentious.com - Twitter actually can be useful

contentious.com - Twitter actually can be useful — Mon, 12 Nov 2007 16:55:43 +0000

[...] the weekend, I found Twitter useful when I learned that my blog was hacked by a spammer. As I rushed to understand what happened and what I needed to do to fix the problem, I [...]