Archive for the ‘Minor Details’ Category
An additional consideration is that I know my boss reads this blog (hi, Steve!), so I’m not completely comfortable with some of the more cutting remarks I might make about the office, even though the chance of negative repercussions is probably not high. But then, sometimes I just feel that perhaps this blog has run its course, that there’s no more steam left in the boiler. I don’t know. We’ll see.
A perceptive fellow on the Google Webmasters forum noticed the following bit of fun in my source code that looked like this: Thinking it was a result of an injection exploit like this person found, I went over all my WP files (plus my theme directory) with a fine-toothed comb, but found nothing. A further bit of digging turned up other Wordpress users who were encountering the exact same problem. The iframe code was inserted directly into posts, but by what means, nobody seems to be sure. I will—shamefully—admit that both my WordPress admin and FTP passwords were pretty weak, and could have been brute-forced pretty easily. They’re much stronger now, and I’ve updated to WordPress 2.8, and the three posts here that contained the offending code have been cleaned. I haven’t seen any new malicious insertions since taking those steps, but I remain suspicious. If you see anything even remotely weird in the next couple of weeks here, let me know.
A cursory scan of hit logs indicates nobody has used the form in a while, but if you used the contact form to send me a message recently and got no response, your message was lost, and will have to be resent. I apologize for any inconvenience.
Today’s bot registered with a name of jacob73kolp and an e-mail address of jacobkolp@gmail.com. This brings the total of known bots to five:
It looks like I also found a CAPTCHA plugin that will work better than Skullbit’s, which worked only briefly on the test server and then simply refused to function properly thereafter. Hopefully this new one’ll be enough to keep the bots out. |