Comments on: Spam Link Injection Hacked (and How I Hopefully Fixed It) http://digwp.com/2009/06/spam-link-injection-hacked/ Learn how to take your WordPress skills to the next level. Thu, 18 Mar 2010 13:36:36 -0700 http://wordpress.org/?v=2.9.2 hourly 1 By: dibo http://digwp.com/2009/06/spam-link-injection-hacked/#comment-1221 dibo Wed, 12 Aug 2009 16:26:18 +0000 http://diggingintowordpress.com/?p=166#comment-1221 Exact same thing happened to me. Same links too. I think it was an exploit in the WordPress code so a malformed SQL query inserted all the links but I did all the things you did just to be safe. Exact same thing happened to me. Same links too. I think it was an exploit in the WordPress code so a malformed SQL query inserted all the links but I did all the things you did just to be safe.

]]> By: Evil Mammoth http://digwp.com/2009/06/spam-link-injection-hacked/#comment-1088 Evil Mammoth Wed, 05 Aug 2009 18:22:52 +0000 http://diggingintowordpress.com/?p=166#comment-1088 That's great. I'm hoping I have the same success when I implement your changes. I had already done a few of them a few days ago with no luck, and I'm getting real tired of these assholes. Keep up the good work. I'll be checking in. Glad I stumbled across your site. That’s great. I’m hoping I have the same success when I implement your changes.

I had already done a few of them a few days ago with no luck, and I’m getting real tired of these assholes.

Keep up the good work. I’ll be checking in. Glad I stumbled across your site.

]]> By: Chris Coyier http://digwp.com/2009/06/spam-link-injection-hacked/#comment-1087 Chris Coyier Wed, 05 Aug 2009 18:20:03 +0000 http://diggingintowordpress.com/?p=166#comment-1087 Still clean as of this date! Thank god. Still clean as of this date! Thank god.

]]> By: Evil Mammoth http://digwp.com/2009/06/spam-link-injection-hacked/#comment-1086 Evil Mammoth Wed, 05 Aug 2009 18:16:24 +0000 http://diggingintowordpress.com/?p=166#comment-1086 I've had a similar thing happen. I was just wondering, as of a month later, what the status is. Have you had further troubles with the spammer? Thanks again for this guide and writing this post. I’ve had a similar thing happen. I was just wondering, as of a month later, what the status is. Have you had further troubles with the spammer?

Thanks again for this guide and writing this post.

]]> By: Aaron Moodie • Kill All Spam http://digwp.com/2009/06/spam-link-injection-hacked/#comment-1020 Aaron Moodie • Kill All Spam Mon, 03 Aug 2009 08:18:48 +0000 http://diggingintowordpress.com/?p=166#comment-1020 [...] it doesn’t happen again. If anyone else runs into this trouble, there are some good posts here and here on how to best remove the links, and Smashing Magazine has a great article on beefing up [...] [...] it doesn’t happen again. If anyone else runs into this trouble, there are some good posts here and here on how to best remove the links, and Smashing Magazine has a great article on beefing up [...]

]]> By: Matt Gibson http://digwp.com/2009/06/spam-link-injection-hacked/#comment-508 Matt Gibson Sun, 05 Jul 2009 20:17:22 +0000 http://diggingintowordpress.com/?p=166#comment-508 Scary. One thought springs to mind; I wonder how easy it would be to create a Yahoo pipe that took an RSS feed and made a feed of the raw source? At least if you were subscribed to that for your own sites you'd see the problem fairly quickly... Scary. One thought springs to mind; I wonder how easy it would be to create a Yahoo pipe that took an RSS feed and made a feed of the raw source? At least if you were subscribed to that for your own sites you’d see the problem fairly quickly…

]]> By: BlogBuzz July 4, 2009 http://digwp.com/2009/06/spam-link-injection-hacked/#comment-491 BlogBuzz July 4, 2009 Sat, 04 Jul 2009 10:17:33 +0000 http://diggingintowordpress.com/?p=166#comment-491 [...] Spam Link Injection Hacked (and How I Hopefully Fixed It) [...] [...] Spam Link Injection Hacked (and How I Hopefully Fixed It) [...]

]]> By: Joel Oliveira http://digwp.com/2009/06/spam-link-injection-hacked/#comment-438 Joel Oliveira Wed, 01 Jul 2009 22:57:26 +0000 http://diggingintowordpress.com/?p=166#comment-438 It hasn't been mentioned here yet and I think it deserves inclusion - http://blogsecurity.net/wpscan The security scan there is helpful, not to mention the entirety of the blogsecurity website. I've used it a couple of times on a few sites and it's caught a few things that helped me lock things down. First thing I do these days w/wordpress - remove that admin account. I think that's the root of a good number of vulnerabilities. It hasn’t been mentioned here yet and I think it deserves inclusion – http://blogsecurity.net/wpscan

The security scan there is helpful, not to mention the entirety of the blogsecurity website. I’ve used it a couple of times on a few sites and it’s caught a few things that helped me lock things down. First thing I do these days w/wordpress – remove that admin account. I think that’s the root of a good number of vulnerabilities.

]]> By: Len http://digwp.com/2009/06/spam-link-injection-hacked/#comment-414 Len Wed, 01 Jul 2009 05:44:21 +0000 http://diggingintowordpress.com/?p=166#comment-414 You said that you changed permissions of wp-config.php to 755. Rule of thumb, files - 644 folders - 755 You said that you changed permissions of wp-config.php to 755. Rule of thumb,

files – 644
folders – 755

]]> By: redwall_hp http://digwp.com/2009/06/spam-link-injection-hacked/#comment-404 redwall_hp Wed, 01 Jul 2009 00:10:27 +0000 http://diggingintowordpress.com/?p=166#comment-404 Contact Google, whether through Matt Cutts or a more official method, and explain what happened to them. They have the power to fix it, and very well might help you out. Contact Google, whether through Matt Cutts or a more official method, and explain what happened to them. They have the power to fix it, and very well might help you out.

]]>