September 5th saw the launch of an exploit based attack on Wordpress blogs worldwide.

The warning comes from Lorelle on WordPress after it was discovered that the pernicious attack is exploiting security holes in previous versions of the blogging software, creating a new “hidden” Administrator account and penetrating right down to the database level.

The attacks are said to be “growing by the hour”. Lorelle writes:

There are two clues that your WordPress site has been attacked.

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account.

All users are advised to upgrade to the latest version of Wordpress immediately.

Reports indicate that hacked sites are extremely difficult to repair. As the damage reaches all the way down to the database, a simple reinstall will leave the hack in place. The generally accepted remedy appears to be to export your content and to import it into a new, clean, installation. That means binding a fond farewell to your settings and configuration.

Endless emnity for the thoughtless protagonists behind all this aside, there is a heart-warming amount of support in the Wordpress community (of which I am a contributing member) for those affected. It really is nothing more than outright destructiveness and vandalism, the fact that it is being perpetrated digitally making it no less annoying, viscious, mindless, or upsetting for the victim.

Thankfully, Wordpress is very easy to install. My upgrade to 2.8.4 was a simple click on a link at the top of my dashboard, and the wonderful Wordpress has done everything else for me. Perhaps I should thanks the script kiddies out there messing with people’s lovingly crafted blogs … I now have new features to play with

My days of having to clear somwhere in the region of 100 spam comments out of my blog every day are gone. I have finally implemented a “captcha” on the comment form, thus disbarring all bots, robos, script kiddies, and general spamming malcontents. If you want to offer me a larger penis, perkier breasts, or a longer last erection you will now need to do it in person, or at the very least read the captcha.

There are a number of captcha modules available for Wordpress. I went for Simple CAPTCHA , as a simple, “no frills” option. Installation is nothing more than FTP-ing the files to your plugins directory and switching it on. Instant captcha, instant zero pending comments for me.

I must confess, there is a little part of me that is sad to see them go. A very little part. Maybe I should have read those adverts after all …

Oh dear oh dear.

I have received some comment spam today that I found so amusingly clumsy that I have decided it deserves something more than my usual “hit the spam button in Wordpress and sigh” response.

Today, we have our inaugural member of the Planet of the Penguins Roll of Shame.

Congratulations www.seoclientprospectingrobot.com

The spam comment was attached to my article “How To Haiku” and ran as follows:

This might be a little off subject, but have you looked at seoclientprospectingrobot dot com? Just wondering if you have any reviews of it, I’m thinking of buying a copy, and wanted to see if anyone had bought a copy yet.

OK, so what’s wrong with this piece of comment spam and why do think it is particularly worthy of ridicule?

1. “It might be a little off subject”

   Yes, it certainly is. About forty thousand leagues away from the actual topic of the post in fact. There is no conceivable link between the post and the comment. This is either lazy spamming or spamming that tried not to be lazy but went very, very wrong when confronted with my post.

   Somewhere between 0 and 5 out of 10 for effort, 0 out of 10 for effectiveness www.seoclientprospectingrobot.com.
   

2. It is using “black hat” SEO techniques to advertise SEO software that may or may not itself be sporting a dark chapeau

   Spamming blogs that allow public comments, like this one, is a common “black hat” SEO practice; designed to inject links into sites and thus increase the page rank and perceived relevance of the target site. Search engine spiders see the link, or mention of the link, from my site to www.seoclientprospectingrobot.com and then count that as a “vote” for that site, improving its search engine position.

   Spam links, therefore, attempt to abuse this very democratic system of links=votes by creating links automatically.
   
   So, I have to say there is a certain irony in finding a spam comment that is trying to improve the search engine position of a web page about software that … improves your search engine position. Irony, and no small amount of annoyance. Nice try www.seoclientprospectingrobot.com

So, not a very good effort overall. Really … quite, quite poor.

I must point out at this point in time that I don’t know if the software available from www.seoclientprospectingrobot.com was used to commit this crime against intelligence, or if perhaps it was the work of someone else. You would have to ask Sophie, via seo4u@live.com, who originally posted the comment. Allegedly.

Best of luck in your next job Sophie.

Chris out.

(And for anyone who knows SEO and is wondering why I keep giving links to the site that has earnt my wrath today … well, wouldn’t it be quite cool if this could become the top rated post when searching for www.seoclientprospectingrobot.com? Don’t delay, trackback, pingback, and comment on this post today!)

If you are in the market for a quick and easy way to keep collections of quotes, citations, or reviews on your Wordpress site then you should check out the Quotes Collection plugin.

It comes with both an AJAX widget and a set of theme functions, easily customisable to suit any site.

Moving this site from Drupal 4.x to Wordpress 2.7, I was obviously concerned with losing indexation of my old Drupal URLs from search engines.

As I had not set up clean URLs on my Drupal website for a lot of my content, I needed a quick and easy way of ensuring that any traffic destined for one of my Drupal pages firstly found it’s way to the original content (as not everything has moved over to the new site) and secondly informed my users that the site had been moved.

Enter the 301 redirect, the safest way to redirect both users and search engines.

As I was not using clean URLs, the majority of my Drupal hits where coming in the form http://www.planetofthepenguins.com?q=node/… . It’s the q= that’s key – Wordpress doesn’t use this parameter and so I can safely assume that when I see it, it means the browser wanted a page from the old site.

So, having pointed a new subdomain (http://old.planetofthepenguins.com) at my old Drupal site, the code to perform the automatic redirection is simple …

<?php
$drupalq = $_GET['q'];
if ($drupalq){
header(”Status: 301 Moved Permanently”);
header(”Location:http://old.planetofthepenguins.com?q=” . $drupalq);
exit;
}
?>

This code

1. Grabs the “q” parameter from the URL into a variable
2. Checks this variable and if it has been set
3. Writes a 301 redirect to the HTTP return header
4. Writes a location into the HTTP return header
5. Prevents the rest of the page from being rendered

All that remains now is to put a prominent message on my old site that I have moved to a new platform and provide my users with a link to click.

Oh, and set up my Permalinks in Wordpress!