Andrew Kelsall | Graphic Designer

Graphic Design Blog of Andrew Kelsall, Creative Designer of Logos, Posters and signage in Hemsworth, South Elmsall and Worldwide

Jul 18, 2010

AndrewKelsall.com Hacked

image of wordpress blog hacked

Apologies if you have visited my site over the past couple of days and have clicked on links that took you to spam-sites. My site is hosted over at Media Temple, where there has been a system-wide incident.

Basically, malicious code was injected into the WordPress blogs from a certain section of their servers. If you are hosted by (mt) on their Grid Server, you may want to check out their solution to the problem. The solution isn’t easy if you’re not competent with using phpmyAdmin (like myself) but follow the instructions and contact support if you get stuck. To be fair, the support over at (mt) were pretty good.

A big thank-you to blogger Andrew Keir who alerted me to the problem. Checking my own links isn’t something I do too often, so thanks Andrew for alerting me! I can remember back in 2007, when fellow blogger David Airey had his site stolen/hacked, but I’m glad my incident wasn’t anywhere near as bad as his situation.

The bug also brought down the other sites on my server, so I’ve had my hands busy this weekend. Ironically, I had deactivated my security WP plugins a few weeks back when I upgraded to WordPress 3.0 (as they was a code-conflict of some kind).

Anyway, I’ve now reactivated and sorted a couple of WP plugins. I already had antivirus running, but it didn’t work in this case for some reason.

Please Subscribe or Share if you liked this Article:
  • RSS
  • email
  • del.icio.us
  • Twitter
  • Facebook
  • Digg
  • Live
  • Mixx
  • Google Bookmarks
  • FriendFeed
  • LinkedIn
  • Posterous
  • StumbleUpon
  • Technorati
  • Tumblr
  • BlinkList

Similar Great Articles of Interest on this site:

11 Thoughtful Comments, Comment or Ping

  1. David Airey

    Never good, Andrew. Is everything back to normal now? Besides this incident, what do you think of Media Temple as web hosts?
    David Airey´s last blog ..Recommended UK commercial printersMy ComLuv Profile

    Jul 26th, 2010

  2. Andrew Kelsall

    @David → Yeah, everything is back to normal now, but I had to purge a lot of code from my databases which was very time consuming.

    MT’s support was quite good, however, their Grid server is always having some king of incident or downtime. I’m sticking with them as there DV servers are supposed to be top-notch, so I plan to upgrade within the next year. I thought web-site speed was an issue with the grid for a while, but after experimenting, I found it was all the larger social bookmarking buttons bogging my site it down, so I removed them.

    Soon, their Grid-server successor “cluster server” comes out, so I may try this before a DV if its cheaper.

    As a sidenote, MTs user interface is amazing. I tend to forgive their shortcomings when I’ve logged into my admin panel, lol.

    Jul 26th, 2010

  3. David Airey

    I thought I would’ve switched from ICDSoft a few years back, but it’s been great – even during my domain theft saga when I was getting hammered by traffic (with the Gmail hack story).

    That’s my host for davidairey.com, and I use Crucial Web Hosting for LDL. Both are recommended.
    David Airey´s last blog ..Recommended UK commercial printersMy ComLuv Profile

    Jul 26th, 2010

  4. Andrew Kelsall

    @David → Before I joined MT, I approached Crucial Web Hosting. I asked them a simple question about transferring my blog over to them, and I never heard back from them funnily enough.

    I’m glad that Crucial Web Hosting worked out well for you, though :)

    Jul 26th, 2010

  5. Andrew Keir

    I was previously on ixwebhosting which was absolutely terrible. I would never recommend it to anyone for any reason.

    I made a few enquiries with ICDsoft after seeing David used them but all responses were not confidence inspiring.

    I wasn’t keen on using shared hosting again and instead went to mediatemple’s DV server after Andrews recommendation. I work on my blog every day and have a number of external monitoring services and in my experience it’s been absolutely flawless for 7 months.

    As Andrew says, the technical support is great. I called once regarding a simple security setting on MT as it was a little different to my previous host, and ended up having a 40 minute conversation with the guy about WordPress and his recommendations for a variety of plugins, security issues and solutions.

    I’ve only ever had to wait a few minutes to get through to someone also, their DV service at least gets 10/10 from me.

    Jul 27th, 2010

  6. David Airey

    Strange how neither of you got a good impression.

    Coincidentally, I read an email from ICDSoft yesterday saying my site was draining the shared server too much, and that I should use a caching plugin.

    That’s when I checked and saw the WP-cache was disabled. Heh.
    David Airey´s last blog ..What if- SydenhamMy ComLuv Profile

    Jul 27th, 2010

  7. Andrew Kelsall

    @Andrew → I’m waiting for MTs auto-upgrade technology to be activated this year sometime (so it says on the MT Labs page). This way, I shouldn’t have the headache many people have when upgrading.

    @David → Funnily enough, I just checked my cache plugin, and it wasn’t activated either, D’oh! It must have needed reactivating after the WP3.0 upgrade…not that any warning message alerted me (such as the SEO plug does).

    I don’t use WP-cache any more though, as it stopped my RSS feed from working properly; I don’t know why. Instead, I use the one Chris Spooner once recommended on his blog – DB Cache.

    Jul 27th, 2010

  8. Chris Spooner

    Sorry to hear about the incident, this kind of thing is always a nightmare!

    Cache wise, I don’t actually use DB Cache any longer. The only reason being it seemed to stop tags from being saved on posts (and conflicts with the membership section I now have on my blog).
    I’ve tried WP-Cache and Super-Cache in the past but both caused issues of their own.
    My recommendation now goes to Hyper Cache, which also came out on top over at a roundup post on Tutorial9 (http://is.gd/dMpX4)
    Obviously there’s no reason to switch from DB Cache if it’s all working for you, but a cocktail of DB Cache and Hyper Cache should ease the strain on your server if you’re having problems.

    Jul 27th, 2010

  9. Andrew Kelsall

    @Chris → After posting my last reply, I made a spelling mistake, so I amended it and then tried to update the comment. Then, all I saw before me was a load of code instead of my WP admin panel. So, I deactivated DB cache and all was fine.

    So now, I think I’ll try Hyper Cache instead. Thanks for the input :)

    Jul 27th, 2010

  10. Andrew Keir

    I’ve found with the caching plugins that if I ever had the plugin enabled and changed anything in my theme php files, or css it would load to a white screen.

    By disabling the plugin, making the changes, then re-enabling the plugin I never had any problems. I also deleted the cache after making theme changes and before enabling the plugin.

    Never had any issues with editing posts/comments though? I don’t know if that will be of any help in the future for you…

    Aug 9th, 2010

  1. Tweets that mention AndrewKelsall.com Hacked | Andrew Kelsall | Graphic Designer -- Topsy.com - Jul 18th, 2010

Reply to “AndrewKelsall.com Hacked”

CommentLuv Enabled