Tags: googlebot

01/23/13

  12:05:00 am, by The Dreamer   , 493 words  
Categories: Software, b2evolution

Somehow my site got hacked....

...to inject bad SEO and links into Google. And, possibly collect info on my visitors?

Not entirely sure how it got in...the timestamp of the affected files is Apr 1, 2012. But, that was also the date that I upgraded to version 4.1.3, previous version was 4.1.2 done on January 16th....before that I was on 3.3.3 (Feb 14, 2010).

I do weekly backups of my site, so I narrowed down the alteration to having taken place between May 21st and May 28th.....though it wasn't easy...since I expire stored backups after 6 months....though fortunately I still had backups of my backups, so I could go back to before April 1st...and see that the file did change between March 26th and April 2nd, but php code wasn't prepended until later.

Perhaps I need to keep up on updates closer...

In the 4.1.0 line, the release dates were:

2011-09-08 - 4.1.0
2011-10-03 - 4.1.1-beta
2011-11-02 - 4.1.2
2012-03-02 - 4.1.3
2012-04-03 - 4.1.4
2012-07-24 - 4.1.5b
2012-11-23 - 4.1.6

Currently anything less than 4.1.6 isn't recommended. I see that 4.1.4 contained fixes against SQL and JS injection. Hmmm....

Wonder if I need to do some kind of change detection to my backup process....

Its hard to upgrade when there aren't diff bundles (which is why I stayed at 3.3.3 for so long), though I'm getting better at keeping my customizations out of the core (or fixing bugs on my own...) Plus discovering Meld has helped as well. Was interesting that one time, it showed diffs between releases, but no diff between latest release and my version. The bug I fixed got fixed the same way.... Though I think I have Meld ignoring differences in end of line and white space.... since the distribution files are CRLF, and I'm on Linux/FreeBSD...and the files are apparently such that vim can't figure out if its DOS and hide the ^M's or not.

Hopefully the upgrade to 5.0 will be simple...

In the history of my site...I was on 0.9.2 on June 7th, 2006 (released May 22)....from 0.9.0.12 on July 23rd, 2005 (released May 6). And, then finally upgrading to 2.4.1 on April 27, 2008 (released Mar 16), though prompted in part because I switched hosting providers....worked up to 2.4.7 on September 6, 2009 (released May 27)....and then to 3.3.1 on September 8, 2009 (released August 8). I did the upgrades to 3.3.2 and 3.3.3 on February 14, 2010 (3.3.2 was released Nov 9, 2009 and 3.3.3 was released Dec 15, 2009).

Guess it was good that I have my sites with Google's Webmaster tools...so that it could send me a "Notice of Suspected Hacking on ..." and stopped crawling my site until I address the problem.

And, looks like only my sites that are b2evolution were affected, my other sites are also 4.1.3 and hadn't been upgraded since.... Though its strange, since those sites were setup with fewer customizations with the intent that upgrading them would be easier. But, I had been thinking of shutting down the sites....

Pages: 1· 2

Now instead of subjecting some poor random forum to a long rambling thought, I will try to consolidate those things into this blog where they can be more easily ignored profess to be collected thoughts from my mind.

Latest Poopli Updaters -- http://lkc.me/poop

bloglovin

There are 20 years 1 month 28 days 8 hours 28 minutes and 34 seconds until the end of time.
And, it has been 4 years 10 months 30 days 5 hours 34 minutes and 22 seconds since The Doctor saved us all from the end of the World!

Search

November 2017
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      
Google

Linkblog

  XML Feeds

Who's Online?

  • Guest Users: 1
This seal is issued to lawrencechen.net by StopTheHacker Inc.
powered by b2evolution

hosted by
Green Web Hosting! This site hosted by DreamHost.

monitored by
Monitored by eXternalTest
SiteUptime Web Site Monitoring Service
website uptime