Once again, I thank everyone for their patience. I believe that I have finally solved the problems with the site, but there is now much work to be done.
First, the issue I was having does not seem to be isolated. It was a spam injection hijack of my blog, and to be honest, the only reason I noticed it was the content of the AdSense ads that were showing up. It really was a bear to get rid of. I will have a single post later that covers this because the problem appears to be effecting a lot of WP blogs.
That brings me to another important issue. While I was infected via an exploit, some people that have gotten this hijack have actually installed it themselves. They did this by downloading a theme or plugin from a site other than WP or the actual developer. In the case of themes, they downloaded from a gallery where the download had actually been modified and contained javascript to run the hijack. Lesson: only download from the original developer or where from a trusted source (i.e. WP).
In the case of my plugins, I know that there are some sites that have downloaded from here and then helped themselves (w/o permission) to hosting it on their site. I generally don’t waste my time going after these guys because the plugins are opensource and I have too much else to worry about. But if you download from one of these, you could run into problems. Here are some reasons to only download my plugins from “official” locations:
- They are always going to be the latest version.
- The code will not contain any hijacks. (Bugs maybe, exploits I hope not, but malicious hijacks? NEVER!)
- You are supporting the author.
The only “official” location for my plugins are:
- This Site
- WordPress Plugin Database (http://wp-plugins.net/)
- WordPress (soon. They’ve been approved, just haven’t got them up there yet.)
My plan is eventually to have everything as part of the WP site using SVN.
Back to the greater point of my post. From here, I need to get the forum fixed and restore some of my content that was messed up during the recovery from the hijack. Then I will be systematically going through and addressing comments that were questions on support issues. If relevant, these will be moved into the forum (where support questions should be addressed).
If I can make it through all of that maintenance, then maybe we will get back on track with development of the existing plugins and new ones that have been on the back burner. Also, the existing work I have needs to be tested in WP 2.5, but I see no reason why it wouldn’t be compatible at this point.
That’s all for now. Again, thanks for your patience and support.
Enjoyed this article?
Don't miss a single post. Subscribe to our RSS feed!
