One of my clients was hacked with the so-called Cannot redeclare hack. It seems closely related to the nefarious TimThumb hack, so if you’ve been hit by either of these hacks, you should check for the other. Apparently these hacks affect shared servers, so if you host multiple WordPress sites, chances are high that they’re all infected.

This article is split into two parts for ez reference. First some information on the evil WordPress “Pharma Hack”, and then a recipe for protecting your site with a solid security lockdown. Choose your own adventure:

Update: Media Temple is saying¹ that:

• They aren’t 100% sure of the cause, but yes, the hack is their fault.
• About 10% of all (gs) users were affected.
• It’s not WordPress specific, it’s PHP specific.
• Definitely change your passwords, definitely don’t change it back to the original password.

… or slightly more accurately, ideas for plugins that I don’t know how to write =)

Just recently my other blog CSS-Tricks was hacked. I first found out by a very helpful reader emailing me a screenshot from the mobile version of my site.