He’s The Man!
Ryan was on my short list of people to receive my call for help earlier today when I realized that my attempts to resolve the blog issues of the past few days were just digging me deeper into trouble.
It didn’t take him long after getting my plaintive plea for help to assess the situation, sort through a couple of likely options, and zero in on the likely culprit.
I may not be totally out of the woods yet, but things are definitely moving in the right direction!
Apparently I fell victim to a widespread hack of WordPress sites.
Ryan noted that the feed contained a bunch of gobbledy-gook that included the phrase, “evalbase64_decode”.
This is a tell-tale sign of a hack. Someone’s trying to use your blog to redirect people somewhere else, but hiding the real destination by encoding it. And yes, their target is often your feed or other permalinks.
Evil code had been covertly added into permalinks, making those largely inoperable. Interesting that Macs powered right past the evil code, while Windows stumbled pretty regularly (although not in all cases).
Feeds were also corrupted, although I’m not sure about the mechanism for that. It may just be that they couldn’t swallow that evil code.
Ryan quickly came up with a couple of forum discussions of the issues.
http://wordpress.org/support/topic/297639
http://wordpress.org/support/topic/307518
Following his advice, I checked and found the permalink structure had been altered. I deleted that code and restored the proper links.
Then I deleted the little WordPress plugin that sends requests for feeds to Feedburner, then downloaded and installed a clean copy from the WordPress site.
Finally, I examined the data file of users, and found four recently registered users that appeared suspicious. I deleted those users, just in case. If you find that your user registration disappeared and shouldn’t have, please let me know.
I had already upgraded to the latest WordPress version several days ago while trying to troubleshoot, so that was already accomplished.
Right now, it appears that feeds are working again, although I don’t know yet whether access to comments has been restored.
Now I’m following Ryan’s advice to eyeball other files and try to spot remaining covert code that shouldn’t be there.
Hopefully this is on the way to being resolved.
If you don’t know Ryan Ozawa, he’s a prolific blogger and intense user who has been leading the way in putting social media to use.
Discover more from i L i n d
Subscribe to get the latest posts sent to your email.
yep, it sure does work now!!! Hooray! Since I use wordpress.com for my site, I would have simply notified the support station of the problem and they would have fixed it for me.
Up and running again!
Hallelujah!
Kudos to Ryan. Used to listen to his pre-Lost podcast.
I don’t know about “the man,” I’ll settle for “the geek.” Glad iLind.net is on the mend. Glad to have been of some help. Like many in Hawaii, I don’t know what I’d do without my daily fix of felines. And the local media and political commentary ain’t half bad, either.
It works!
I know this makes me a dinosaur but WordPress is just too cumbersome and complex. It gets hacked regularly which is the price of popularity. Straight html has the advantage of being comprehensible.
hooray! ryan is also an old time blogger, back before the word “blog” was being used. does kat ring a bell?
Mahalo Ryan for getting ilind.net back online. And mahalo Ian for persevering to bring us all your great content. I wonder if people in Hawaii realize how lucky we are to have both of you.
It does work, here I am inside Internet Explorer. The links look simpler now, and they work.
It has been the reputation that WordPress has for getting hacked that has led me to hold fast and not make the move, by the way.
May I suggest posting your experience on one of the fora so that others can get un-hacked also.
One last thing, though — how do you prevent this from happening to your blog again?
“Prolific” isn’t even the right word to use in regards to Ryan’s blogging; Ryan is everywhere! He’s usually also the first to check out the first of any social media such as Orkut, Twitter, Justin.tv, etc.