Dammit, this blog has been hacked again!

MSNlive

Despite what MSN’s search engine thinks, I am NOT hawking drugs on this site…

(UPDATE: Since initially posting this, I’ve learned a bit more. The plot thickens…)

My friend the SEO maven Brett Borders just alerted me to some disturbing news. Apparently, Microsoft’s search engine thinks this blog, which I’ve run since 1998, is drug spam.

Brett got tipped to this by a Mar. 25 Search Engine Journal story, Hackers Forcing Sites to Cloak Search Engines with Link Spam. The screen grab illustrating that story showed Contentious.com near the top of a list results from a “linkfromdomain search on MSN so I can prove that, indeed, there are over 2,000 links FROM Twitter pointing TO pages about Viagra.” I just repeated that search, and sure enough my domain is on that list — showing spam content that somehow has been hacked into my site.

I also just searched Google for references to Viagra from my domain, and saw that Google is caching that same spam content for my home page as well.

As far as I can tell, this spam content has been inserted my home page as well as at least three recent posts. Obviously, this Wordpress blog has been hacked again. Like I didn’t have enough troubles with this last fall.

This is annoying, and could be potentially damaging to me. I’m on a deadline and don’t have time to delve into why this is happening, but would appreciate tips for Contentious readers about why this might be happening and what, if anything, I can do to stop it. I’m getting really tired of this, and hate that I only find out about it via third parties.

Got any suggestions before I can dive into this myself? Please comment below.

Thanks!

If you liked my post, feel free to subscribe to my rss feeds

Post meta

This entry was written by Amy Gahran and posted on March 25, 2008 at 11:04 am and filed under blogs, help needed, problems, search. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment(Latest is displayed first) or leave a trackback: Trackback URL.

Share with others

Post Dammit, this blog has been hacked again! to digg.

Post Dammit, this blog has been hacked again! to Reddit

3 Comments so far (Add 1 more)

First: The offending text-links are most likely in your footer.php file. get rid of them.

Second: Backup your database.

Third: Upgrade WordPress to 2.3.something

Fourth: Read this and do #2.

Fifth: Can’t remember where I read this, but open up header.php and remove the meta generator tag with the version of WP in it.

Sixth: Change your FTP password, just in case.

Drama. Sigh.

[Reply]

1. Ryan Sholin on March 25th, 2008 at 4:51 pm
Patrick, I really don’t think that’s the solution. In the 11 years I’ve been running this site, I’ve switched blog platforms several times. That’s why my archives are a mess, and why inbound links to many of my older posts don’t work.

Switching to a new blog platform is a HUGE time-consuming hassle, it always creates more problems, and EVERY platform has weaknesses and vulnerabilities.

There are many, many things I like about wordpress. I don’t want to switch. I just want to learn how to operate it as safely as possible.

- Amy Gahran

[Reply]

2. Amy Gahran on March 25th, 2008 at 3:19 pm
Perhaps the best solution is to move away from Wordpress for your blogging app?

[Reply]

3. Patrick Beeson on March 25th, 2008 at 11:12 am