Archive for the ‘Me’ Category

ALL YOUR WEBSITES ARE BELONG TO US

What a surprise it is to plug in your website’s URL, click on go, and find something you never uploaded! Then you go to other websites you have on your server and view the same upload. Then you know you got trouble!!

This was my own observation last weekend. I’ve heard it happen to others, and now I was chosen to experience this reality. I have never discussed with anyone just what happens when you get hacked, but here’s my story.

I had just performed an autoinstall of Joomla! CMS on Friday evening. Got it all up and set with a click on a hyperlink. Smooth, fast, and secure. Secure? Yah, sure was. Not changing my username from admin? NOT SECURE!

Saturday, I go to play around with my new website and view this black background page with a gruesome face of destruction staring me down. “Oh crap!” My first thought was to check my web design website. Sure enough, that horrid face was there, too.

Next step: questions

1. What can I do to fix everything?
2. What allowed this to happen?
3. What can I do to prevent this from happening again?
4. Who did this and where does he live?

My hosting service through Servage.net makes this easy to fix and repair. I didn’t bother to use FTP, went direct to my files online - no C panel to mess with. With Servage I access every thing from one page. Web server, FTP accounts, E-mail accounts, Domain settings, Your account, FAQ, MySQL databases, and more. No phony icons, all text links with drop-down menus.

Turns out, the only pages that got hacked were the index.html and index.php pages, and my admin login page here at WordPress. So it didn’t take very long to set everything back to my content. There was only one exception: the new Joomla! files. This CMS has numerous files, most with its own index.html or index.php files. With no content of my own on any pages there, the best choice was to delete all these files.

After viewing the source code, I found out that the hacker was likely from Saudi Arabia, and he goes by the name, “BuLlEt HaCkEr.” Lots of coders over there, a great country to grow hackers.

Next task, find out what allowed this to happen. After a couple hours of Google searching, I realized that it was the Joomla! program and the fact that I didn’t IMMEDIATELY change the default username.

To sum it up:

• Strange experience
• Great support from Servage (submitted 3 tickets with excellent speedy reply)
• Totally wasted a good Saturday
• Minimal losses (none!)

… the Google search term, “r00t-x” will bring up over 4,000 hacked sites. Likely done by just one of many hackers.

stevestuff

Post a Comment

Here I am, 3 am Sunday morning, can’t sleep - already slept 3 hours after having 5 St Pauli Girls and a great dinner. Compulsive obsessive, that’s my general personality description according to my girl friend, and I’ll have to agree.

My new home, this weblog at WordPress, does make my internet presence a lot more comfortable. I simply LOVE this design. I never thought it’d be like this. So now, maybe I’ll put up more posts - maybe not: I’m compulsive obsessive and I just might find another new endever.

My new home here is also a double-wide: with dual monitors. I feel that it’s a necessity for a web designer asa designer usually has 3 to 5 programs going at the same time. Then with a few folders open and a bunch of files scattered all over, I don’t see how this job can be done efficently on one screen.

After my eMachine blew up, I saw the opportunity to revamp my workplace and I hope somebody at the Goodwill will enjoy the 19″ CRT I’ll be donating. And that’s what started this transformation.

New monitors AND a new PC - but I was a bit leery of this replacement; a “Great Quality Systems” machine made by Fry’s Electronics. With only 512MB of ram, still it performs better than the 3 year old 1GB eMachine that didn’t have a dual processor - this’ll have 1.5GB to 2GB soon.

With a year’s training behind me, now feeling confident enough to make websites for others, my next step is to learn active content. I think that WordPress with it’s PHP format will come to be a great learning tool.

So what about this design, did I make it myself? No, but I could have designed the graphics for it. And the PHP pages? Maybe by this time next year. One thing curious about this theme: there is no credit for the designer. I looked in the source codes and it’s not there, either - not sure if I can remember where I got it from, I was all over the place when I was looking for this.

Starting out at Theme Viewer, I traveled through Mashable’s 30+ WordPress 3-Coluimn Themes, on to doshdosh’s Adsense Optomized Themes, then browsed through the themes at mandarinmusing. Venturing off track to a few sites having 2 - 10 themes displayed (N.Design Studio for 1), I browsed to Smashing Magazine - their “83 Beautiful Wordpress Themes You (Probably) Haven’t Seen” But that’s not where I found this either (presently searching through my history pages).

Kaushal Sheth also has a great variety of themes to sort through. Could have been WordPress Theme, maybe it was themesBase.com, CSS Design Templates, or … FOUND IT - Themebot.

Well, at least I gave myself a run-for-it - had to, I’m compulsive obsessive!

stevestuff

Comments (2)

OK, so I haven’t posted anything here or at my Wierd Websites blog for close to a month - it’s not that I’ve been lazy or disinterested, I been BUSY! … still, I feel neglect, I am a responsible individual.

Now, halfway through my education for web developer at Bates Technical College, I have had to finish up on a lot of studies - including my final in Web Design - of which I aced with my re-make of Web Design by Steve, my web design website. It’s quite a transformation from what I had previously, although I really did like the original design - it just wasn’t as informative and as adaptable as the new site.

And I’m still working with Jennifer Colley of Posh Home - a high-end furniture store here in Tacoma, Washington - I’m in the process of re-designing her site to enable exhisting and new customers to access information and services that previously required direct attention.

August is time off for students at Bates Tech - but for me, it will allow me time to catch up on my programming courses - come fall I’ll be in Java 2 and C++ … God help me!

Whaddya think of this picture? Results of multiple modifications with Photoshop and IrfanView - gimme a comment!

stevestuff

Post a Comment