MM: May All Of Your Labors Be Enjoyable Today
Today is Monday and we love to bring news – even on a holiday
Early in August WordPress put out back-to-back updates; strange. We read that it had to do with a security vulnerability, and decided to comply. We upgraded within hours of the availability, using the on-blog tools.
It was fast, clean and easy. We suggest that if you are reading this and you host your own WordPress blog on your own domain, you should make sure you are running WP 2.8.4. You can verify by looking in the lower right-hand corner of your dashboard, where the version is clearly shown.
This is our Music Monday submission – The Ohio Players, Funky Worm. Funky Worm, get it? Yeah, right…
Come join Music Monday and share your songs with us. One simple rule: leave ONLY the actual post link here. You can grab this code at LJL. Please note these links are STRICTLY for Music Monday participants only. All others will be deleted without prejudice.
PS: Because of spamming purposes, the linky will be closed on Thursday of each week at midnight, Malaysian Time. Thank you!
It’s Labor Day and we’re going to do a little labor around the house. We’re wishing all our friends in North America on either side of the border a “Happy Labor Day / Happy Labour Day”.
Do NOT EAT The Worm in the Tequila; and Buckle UP Please.
See You Tomorrow – Cheers,

Justafyi – in case you missed this very important bit of news:

WordPress Blogs Falling Prey to Worm
A worm is circulating that can post malware and spam to some WordPress blogs using outdated versions of the blogging software, according to a post by Matt Mullenweg, founding developer of WordPress.
The worm can be tough to catch, as Mullenweg explains: “it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.”
The vulnerability allowing the attack was discovered August 11, at which point WordPress encouraged users to upgrade to version 2.8.4. However, many people have yet to upgrade, and reports online indicate the worm is making dubious progress by the hour.
The worm does not affect the current version 2.8.4 and the one prior to it. And it only affects people who host their own WordPress blog. Blogs hosted on WordPress.com are unaffected.
Users can find upgrade links and instructions here. WordPress has also posted an FAQ for people who think their blog has been hacked.
FAQ My site was hacked
Help I think I’ve been hacked
So you’ve carefully installed WordPress, you’ve made it look exactly how you like with a decent theme, you’ve maybe installed some fancy plugins and you’ve crafted some fine posts and Pages. In short, you’ve put a lot of time and effort into your site.
Then, one day, you load up your site in your browser, and find that it’s not there, or it redirects to a porn site, or your site is full of adverts for performance-enhancing drugs. What do you do?
Some steps to take
- Scan your local machine.
  - Sometimes the hacks have been introduced because a hacker has compromised a program on the computers being used to upload files. Give your local machine a full scan.
- Check with your hosting provider.
  - The hack may have affected more than just your site, especially if you are using shared hosting. It is worth checking with your hosting provider in case they are taking steps or need to. Your hosting provider might also be able to confirm if a hack is an actual hack or a loss of service, for example.
- Change your passwords.
  - Change passwords for the blog users, your FTP and MySQL users.
- Take a backup of what you have left.
  - If your files and database are still there, consider backing them up so that you can investigate them later at leisure, or restore to them if your cleaning attempt fails. Be sure to label them as the hacked site backup, though…
- Read Donncha O Caoimh’s guide on what to do.
  - Donncha wrote a good article on what to do if you suspect a hack; it is well worth reading through and acting on, as it goes into more depth than this page.
- Read How to clean your hacked install on Smackdown!
  - Again, this goes into detail on the steps you might need to take.
- Check your .htaccess file for hacks.
  - Hackers can use your .htaccess to redirect to malicious sites from your URL.
- Consider deleting everything.
  - A sure way to remove hacks that currently exist is to delete all the files from your web space, and clear out your WordPress database. Of course, if you do this, you would need backups to restore to, so …
- Consider restoring a backup.
  - If you restore a known, clean backup of your WordPress database, and refresh your WordPress, plugin and theme files through FTP, that will ensure all those bits are clean of malicious code. At the very least …
- Replace the core WordPress files with ones from a freshly downloaded zip.
  - Replacing all your core files will ensure nothing is left behind in them in a hacked state. Remember to replace plugins and theme files, too.
- Upgrade!
  - Once you are clean, you should upgrade your WordPress installation to the latest software. Older versions are more prone to hacks than newer versions.
- Change the passwords again!
  - Remember, you need to change the passwords for your site after making sure your site is clean. So if you only changed them when you discovered the hack, change them again now.
- Do a post-mortem.
  - Once your site is recovered, check your site logs to see if you can discover how the hack took place. Donncha’s article goes into detail on this.
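
Before replacing the core files as the steps above advise, it helps to record which files in the hacked-site backup differ from a fresh download of the same version, so the post-mortem has something to work from. This is an added example, not part of the WordPress FAQ; the function names and the tiny sample trees are constructed for illustration.

```python
import hashlib
import os
import tempfile

def hash_tree(root, skip=()):
    """Map each file's path relative to root to the SHA-256 of its contents."""
    hashes = {}
    for dirpath, dirnames, filenames in os.walk(root):
        if dirpath == root:  # prune skipped top-level directories in place
            dirnames[:] = [d for d in dirnames if d not in skip]
        for name in filenames:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            hashes[os.path.relpath(full, root).replace(os.sep, "/")] = digest
    return hashes

def compare_install(live_root, fresh_root, skip=("wp-content",)):
    """Return (modified, extra) for a live install versus a fresh unpacked copy.
    modified: files present in both trees whose contents differ.
    extra: files only in the live tree (wp-config.php and .htaccess normally
    show up here and need reading by hand).
    wp-content is skipped by default: themes, plugins and uploads differ anyway.
    """
    live, fresh = hash_tree(live_root, skip), hash_tree(fresh_root, skip)
    modified = sorted(p for p in live if p in fresh and live[p] != fresh[p])
    extra = sorted(p for p in live if p not in fresh)
    return modified, extra

def build_sample(base):
    """Constructed sample: a 'fresh' tree and a 'live' tree with two changes."""
    core = {"index.php": b"<?php /* core file */\n",
            "wp-includes/version.php": b"<?php $wp_version = '2.8.4';\n"}
    for tree in ("fresh", "live"):
        for rel, data in core.items():
            path = os.path.join(base, tree, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
    with open(os.path.join(base, "live", "index.php"), "ab") as fh:
        fh.write(b"/* constructed change */\n")  # now differs from fresh copy
    with open(os.path.join(base, "live", ".htaccess"), "wb") as fh:
        fh.write(b"# constructed file\n")        # exists only in the live tree
    return os.path.join(base, "live"), os.path.join(base, "fresh")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        modified, extra = compare_install(*build_sample(tmp))
        print("modified:", modified, "extra:", extra)
```

Because `wp-content` is skipped, plugin and theme files are not compared here and still need replacing from clean copies, as the FAQ says.
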