Blog fixed… I think…

[almostwitty]

After carefully examining what I could of the HTML code in my Wordpress installation, I concluded that the best way to get rid of the reported injected spam links was to “nuke the entire site from orbit. It’s the only way to be sure.” - in other words, back up the blog database, delete all Wordpress files, re-install Wordpress and then import the backed-up database. I had contemplated moving my blog over to somewhere else, like LiveJournal or wordpress.com but I thought I’d give Dreamhost one more chance.

Of course, I’m going to take some better precautions, as recommended by some friends. These include:

• Not installing random themes and plug-ins for the sheer hell of it. If I don’t like it, delete it.
• There are some handy plug-ins that claim to provide better security, to whit:
• Bad Behaviour
• WP Security Scan
• Theme Authenticity Checker

Originally published at almost witty. You can comment here or there.

Comments

[hellmutt.livejournal.com]

There's an extension called WP-IDS... but it's never yet worked for me. It had this tendency to block such suspicious activity as, erm, trying to post an entry, or search my archives.

[keptwench.livejournal.com]

Sucks that happened to you, but thanks for the links above. I didn't know about those particular plugins.. and I'm sure I want to look into them.