Yesterday morning I woke up early to make my wife breakfast in bed for Mother’s day. I didn’t have buttermilk for my waffle recipe, so I mixed milk and lemon juice to make my own buttermilk. It actually works quite well, it needs to sit for about 5 minutes to go sour, so I figured I would check my email real quick while I waited.
“You site has compromised,” was the email from Peter my webmaster.
My WordPress blog had been hacked, and I wasn’t sure what to do about it. There has been a scourge of malware attacks on WordPress blogs lately, and it seems to be attacking Godaddy, Dreamhost, Blue Host and Media Temple servers. With the help of a friend at WordPress and my webmaster, we had the hack on my blog fixed in just a couple of hours. No privileged information was compromised (why would I put confidential information on my blog?) and luckily, it hit on the weekend when I have decreased traffic to my site- but the fact remains that my site was vulnerable. That wasn’t a good feeling.
The bug basically redirected visitors to a site that tries to do a scan of your computer to identify security threats. You can find more information about it on the WordPress discussion board:
WordPress has already come up with a plugin to identify the bad code so that you can delete it. Here it is:
The bigger questions remains, how do I assure that my site is never hacked again? In one sense, I can understand that using WordPress is like using Windows, it is so hugely popular that more developers means more hackers. You can find thousands and thousands of awesome free plugins, but you also have a higher likelihood of being attacked. I would still rather never be hacked. So what can be done to guarantee your blog is safe?
This Friday, May 14th at 12:00 PM EST I have coming on the conference call Raanan Bar-Cohen, VP of Media Services for Automattic and the open source project WordPress. Having been a Technology Strategy Consultant to Time Magazine and Director of Product Strategy for Dow Jones (Wall Street Journal), Raanan knows his technology. So the big question he will be answering this Friday is:
Can professionals trust WordPress to host their blogs?
With companies like the BBC, New York Times and CNN all using WordPress platforms, obviously there are ways. So what steps do professionals firms need to take to guarantee security for their blogs? He will also be giving some pointers to help professionals make the most out of their blogs.
One question we won’t be answering on the call: how do you make buttermilk waffles? That will have to be the topic for another blog post.
Click here to sign up for this Friday, May 14th. Starting this month, we will now be holding calls at 12:00 PM EST. If you have any questions for Raanan or myself feel free to email them to firstname.lastname@example.org and we will answer them during the call.