WTF happened to my portfolio site?
Posted by: Rin
filed under: Web &Work
Tags: rantings, Web
I really hate it when it happens to me. Come to think of it, no cialis online pharmacy one likes their website being hacked into and losing all their data. A potential client messaged me this afternoon saying that he cannot view my portfolio site. Astounded, I went over to my website to take a look. It came as a shock to me. The entire website (with WordPress as the CMS) is changed.
My old website…
is hacked into…
Immediately I went into the WordPress admin and found that I could not log in at all. After accessing the mysql tables I found this
The hacker himself has left something which I can identify him by (vicyland[at]gmail.com). His website and profile are as cytotec kamagra supplier dosage below:
Order Generic Levitra Super Active+ Online without Prescription page 1″/>
i need to buy propecia ref=”shadowbox”>
From China, Hebei Province, 20 years old Male, studying buy antibiotics online in Hebei Medical University. What you have to say about breaking into other people’s intellectual property?
30 comments to date:
Leave a Reply
Detailing the day to day happenings of the two.
(Arguments not included)
xD, your website is so interesting that attract Chinese Hacker’s attention. Suggest you back up your data at certain time, and enhance security of your site. I’m developer in Shanghai.
Tod
March 26th, 2009, 1:23 am
安慰一下两ä½å¥½äººï¼Œå¸Œæœ›ä»¥åŽåŠ 强防范
å¦å¤–鄙视一下这个hacker
tinyfox
March 26th, 2009, 10:41 am
I wonder why he did it at all… you seemed to gain back control immediately. What did you do to the guy? Did you report him or anything?
Really. Please tell. =/ You just got us visitors more curious…
mary
March 27th, 2009, 11:50 pm
我了解主人懂汉è¯,也就ä¸ç”¨è‹±è¯äº†==
我有必è¦æ¾„清一下:
1,我既没有hack, 更没有å˜å¿ƒæ”»å‡»ä¸”åˆ é™¤æ•°æ®, æ®æˆ‘个人估计是您的æœåŠ¡å™¨å‡ºçŽ°é—®é¢˜;
2,我之所以访问到那站点, 也是从这个站点链过去的, å´å‘现出现WP安装, 一度以为是æä¾›WPæœåŠ¡==
3,我å如上澄清,å¸Œæœ›æ‚¨åˆ é™¤æ¶‰åŠçš„相关个人éšç§.å¯¹äºŽæ‰€é€ æˆçš„åŽæžœæˆ‘åªèƒ½è¡¨ç¤ºæ‰æ„.
4,对于您在æ¤äº‹è‰çŽ‡åˆ¤æ–我hack您的站点表示é—憾.
Dulce
March 28th, 2009, 2:35 pm
@Tod, tinyfox:
Thanks I’ll take your advice to heart.
@Mary:
Nope currently I did not do anything except writing on this blog.
@Dulce:
Since you know English, it will be much easier for me to communicate without typing in Chinese.
1) There are many WordPress installations out there. And yet only mine has this problem? Rin-wendy.com is also using the same webhost and same webspace as with littlevault.com, but only littlevault.com has this problem?
2) What you did, intentionally or not, is defacing another party’s website. You might think “Oh it is a server problem, I was there at the wrong time and it happened.” Truth is, no matter what intentions you have, the site is still defaced by you.
It is like playing ball games at a neighbourhood field, you throw the ball a bit too far and break a neighbour’s window, do you still try to cover up the incident to say things like “oh it is the wind, the fengshui, the shape of the ball”?
3)Both parties, me and you suffer loses. For me, my data and some potential clients and for you, negative reputation over a small sphere in the worldwide web. Cause and effect my friend, whether we like it or not.
4)I do not view my handling of this matter as too rushed without putting much thoughts into it. Come to think of it, why didn’t you email me when such a major thing happened? Keeping mum about it only increases the doubt in the credibility of your innocence. If you deface some other major websites by accident, I am sure that you will be prepared to see a lawyer’s letter, not just a rant post on a personal blog.
Rin
March 28th, 2009, 3:57 pm
1ã€æˆ‘之å‰ä»Žæ¥æ²¡é‡åˆ°è¿™ç§çŠ¶å†µï¼Œæ‰€ä»¥åœ¨é‚£ç§æƒ…况下,è°çŸ¥é“这到底å‘生什么了,而之åŽå®Œæˆå®‰è£…之åŽæˆ‘æ‰æ„识到这到底å‘生什么了。事åŽæˆ‘和一ä½æœ‹å‹è¯´èµ·ï¼Œä»–也æ到å‘生过有æ¤é—®é¢˜ä¹Ÿå‡ºçŽ°è¿‡ï¼ˆæ‚¨ä¹Ÿå¯ä»¥è¯¢é—®æ‚¨çš„朋å‹æ˜¯å¦ä¹Ÿæœ‰è¿‡å¦‚æ¤ç»åŽ†ï¼‰ã€‚至于为什么这个页é¢æ²¡æœ‰å‡ºçŽ°é—®é¢˜ï¼Œæˆ‘想å¯èƒ½çš„å› ç´ ä¼šéžå¸¸å¤šã€‚
2ã€å¯¹ï¼Œæ‰¿è®¤æˆ‘的过错,但我的过错和您数æ®ä¸¢å¤±æ²¡æœ‰å…³ç³»ã€‚我希望您之å‰åšè¿‡æ•°æ®å¤‡ä»½ã€‚
3ã€æˆ‘错误的执行了WPçš„å®‰è£…ï¼Œå‡ºäºŽæˆ‘çš„æ— çŸ¥ã€‚ä½†æˆ‘ä¸èƒ½ä¸ºæ‚¨æ•°æ®ä¸¢å¤±åŸ‹å•ã€‚æ¢å…¶ä»–人,也许也有åƒæˆ‘è¿™æ ·å¹¶ä¸æ¸…楚当时到底å‘生什么了,莫éžä¹Ÿè¦èƒŒé»‘锅?
4ã€æˆ‘希望您å¯ä»¥å†·é™çš„考虑整个问题,è‰çŽ‡çš„把一切错误归结于我,并且把æŸäº›ä¸ªäººéšç§å…¬å¸ƒäºŽä¼—,是å¦æœ‰æ‰€è°““以暴制暴â€çš„嫌疑。我没有在第一时间è”ç³»ä½ ï¼Œç¡®å®žæ˜¯æˆ‘çš„é”™è¯¯ï¼Œä½†æ‚¨å°±ä¸èƒ½äº‹å…ˆè´¨é—®æˆ‘(我想很少有人这么诚实的交出mail地å€ï¼‰ã€‚
5ã€æˆ‘å†æ¬¡æœŸæœ›æ‚¨æ£ç¡®çš„看待这个事件。我确信我在这个问题上ä¸å˜åœ¨é‡å¤§è¿‡é”™ã€‚
Dulce
March 28th, 2009, 4:34 pm
Is there anything we can do to people who hack into other people’s site? If the guy is in China, I can think of any available course of action that you can take.
Adrian Lee
March 30th, 2009, 12:06 pm
天哪,太ä¸å¯æ€è®®äº†ã€‚赶紧告诉wordpress技术人员。难é“åšå®¢ç³»ç»Ÿå˜åœ¨ä¸¥é‡bug?
fabin
March 31st, 2009, 4:55 pm
@adrian lee
from Rin’s latest comment, it appears that Dulce is the person who ‘accidentally’ hacked the portfolio site.
I think Dulce is claiming something about both of them being victims of a bad host or wordpress installation or something.
But don’t quote me on that. I don’t understand Chinese. =/ Just picking up context clues… *points at Rin’s comment*
It seems that that is the reason Rin wouldn’t pursue the issue. =) Because the other party claimed innocence. he’s just ranting his frustrations on this blog post.
mary
April 1st, 2009, 12:14 am
Infact I’m a Chinese too, I don’t konw what’s the problem with rin’s blog but I hope everything will be OK.
whatACoolDesign
April 2nd, 2009, 10:14 pm
So Rin this is a web hosting issue you had with your and this other guys database conflicting with each other? Or was this some exploit in WordPress itself?
Tollboy
April 7th, 2009, 2:56 am
What is it with China and hacking American sites?!!
I work for a web development firm and a hospital site, which is impossible to find unless you live in the area and know the name, was hacked and the DB was corrupted.
Insane. Sorry to hear about your problems.
Web Developer
May 3rd, 2009, 12:19 am
My English is very poor!…
So…
我从Css vaulté“¾æŽ¥åˆ°ä½ è¿™é‡Œ!å› ä¸ºå¾ˆå–œæ¬¢rin-wendyè¿™ä¸ªé£Žæ ¼!
æ²¡æƒ³åˆ°ä½ çš„åšå®¢è¢«æ”»å‡»äº†,而且是ä¸å›½äººæ‰€ä¸º
(当然看到评论也ä¸çŸ¥é“是å¦çœŸæœ‰æ¤äº‹),
我真的很抱æ‰,也åªèƒ½è¯´æŠ±æ‰,希望您的数æ®ç•™æœ‰å¤‡ä»½
也希望这件事能有个清晰的结果.
抱æ‰,谢谢!
耿培
May 3rd, 2009, 12:40 pm
æ ¹æ®Dulceè¯´çš„ï¼Œä¼¼ä¹Žæ˜¯å› ä¸ºwpçš„config文件ä¸å˜åœ¨ï¼Œæ‰€ä»¥æ‰è¢«å¼•å¯¼åˆ°äº†åˆ›å»ºwpconfig文件页上了
我相信这ä½Dulceæ˜¯æ— å¿ƒä¹‹è¿‡ï¼Œæ¯•ç«Ÿæ²¡æœ‰å“ªä½hacker在æ¶æ„攻击åŽè¿˜ä¼šç•™ä¸‹email嘛,建议询问空间æ供商,是ä¸æ˜¯æ•°æ®åº“出了问题
å¦å¤–,如果是hackerçš„è¯ï¼Œæ€Žä¹ˆå¯èƒ½è·³å‡ºæ¥æ¥æ¾„清这ç§äº‹æƒ…呢?呵呵
Ravanello
May 6th, 2009, 1:06 am
I’m sorry to hear it. Good Lucky Forever..:)
Richard
May 9th, 2009, 10:11 pm
没准是个误会,ä¸è¿‡ï¼Œä¸å›½çš„哥们们看æ¥å¾ˆå–œæ¬¢ä½ 们的夫妻åšå®¢ï¼Œå‘µå‘µ
æˆ‘ä¸Šæ¬¡ç»™ä½ çš„è€å©†ä¸¤æ¡ç•™è¨€èŽ«åå…¶å¦™è¢«åˆ æŽ‰äº†ï¼Œä½†æ˜¯ï¼Œæˆ‘æ²¡æœ‰è¯´ä»€ä¹ˆå¤±ç¤¼çš„è¯ï¼Œè¿™æœ‰ç‚¹åŒªå¤·æ‰€æ€ã€‚
我也想åšä¸€ä¸ªå’Œä½ 们差ä¸å¤šçš„åšå®¢ï¼Œä½†æ˜¯é™äºŽæŠ€æœ¯æœ‰é™ï¼ŒçŽ°åœ¨è¿˜æ²¡æœ‰åŠžæ³•å®Œæˆã€‚
è°è¦æ˜¯èƒ½æœ‰æºä»£ç æ供就好了。
æ²¡æƒ³åˆ°ä½ ä»¬è¿˜æ‡‚æ±‰è¯ï¼Œå¾ˆä¸é”™ã€‚
Alex.Lee
May 20th, 2009, 12:14 pm
Hello Rin,
I’m sorry to hear such a hack. I don’t speak in Chinese but a quick translation of Dulce’s first comment says:
If I trust what Dulce said, this a rare problem in WordPress, someday your database will get a problem and WP will throw the installation file in front of you.
See this link: http://perishablepress.com/press/2009/05/05/important-security-fix-for-wordpress/
I think adding .htaccess password to the wp-admin folder will solve the problem, so no one will have the ability to re-install your server!
J Mehmett
May 21st, 2009, 9:58 pm
I’m not good at english.
Infact I’m a Chinese too,I hope everything will be OK.
Distant Memory
June 20th, 2009, 8:12 pm
这里好冷。。=.=。。
空间商是哪家。。。速度ä¸é”™ã€‚。。
情侣åšå®¢åšå¾—很æˆåŠŸï¼Œç»§ç»åŠªåŠ›ã€‚。。
å„ä½ç»§ç»ã€‚。。
å…»æˆç»å¸¸å¤‡ä»½å¥½ä¹ 惯。。。
yangpizhi
June 20th, 2009, 11:17 pm
I think you should back up your wordpress files sometimes to prevent the lost of data if someone hacks your websites again. Wish you luck! Hope the site will be back!
Trang
July 10th, 2009, 8:58 am
Hi Rin,
i really love your blog theme. Can i ask you share it to me and my wife. I think my wife will very happy when we use this time.
Thousand thanks
Nam Le
July 23rd, 2009, 3:35 pm
came to you via the beautiful rin-wendy block and I am really shocked to hear that. Hope you will be back professionally soon.Let me know, when you are!
All the best and Greetings from Germany!
lothar
Lothar
July 24th, 2009, 6:39 pm
I just read somewhere that there’s a bug in wordpress that someone can just get to your wordpress installation script and reinstall your blog and then gain imediate admin access.
You need to delete the install.php script inside wordpress after successful installation.
If you don’t delete the file anyone will be able to reinstall your wordpress.
victor
July 28th, 2009, 7:03 am
Dulce说的是有å¯èƒ½çš„,当é…置文件丢失的时候,WP确实会æ示访客“是å¦é‡æ–°å®‰è£…â€ï¼Œå†µä¸”如果真是他黑的,应该ä¸ä¼šç•™ä¸‹åå—。
ç›®å‰æœ‰ä¸€äº›ç½‘站在使用贵站的主题,是å¦ä¸Žè¿™æ¬¡çš„攻击有关?
建议楼主冷é™æ€è€ƒï¼Œå¹¶æ”¶é›†ä¸€ä¸‹æœåŠ¡å™¨ä¸Šçš„日志,å†è¯¦ç»†çš„查一下。
cuikai
July 29th, 2009, 4:08 pm
这是一件令所有人都很é—憾的事情
o(╯□╰)o
SW-27
July 30th, 2009, 1:32 pm
I am sorry for you Rin… it should not happen to you..
o(╯□╰)o
vinoth
August 2nd, 2009, 7:01 pm
我是从https://rin-wendy.com/的连接æ¥åˆ°è¿™ä¸ªåšå®¢çš„,在我看æ¥è¿™ä»¶äº‹æƒ…并éžé»‘客所谓,任何以为黑客ä¸ä¼šé‡‡å–è¿™ç§æ”»å‡»ç½‘站的形å¼ã€‚而对于Wordpress本身如果丢失wp-config.php文件而åˆå˜åœ¨wp-config-sample.php文件是å…许é‡å¤å®‰è£…的,å†ä¸‹ä¸€æ¥ä¼šæ示输入数æ®åº“,如果表和数æ®åº“ä¿¡æ¯æ˜¯ä½¿ç”¨çš„ä½ åŽŸæ¥çš„ä¿¡æ¯ï¼Œé‚£ä¹ˆè¿™ä¸ªæ•°æ®æ˜¯ä¸ä¼šä¸¢å¤±çš„。但是如果使用å¦å¤–çš„æ•°æ®åº“或者表的å‰ç¼€ä¸åŒï¼Œè¿™æ ·æ‰ä¼šé€ æˆé‡è£…。å³æ—¶è¢«é‡è£…äº†ï¼Œä½ çš„WEBæ•°æ®ä¾ç„¶å˜åœ¨ï¼Œåªæ˜¯å‡ºäºŽæ²¡æœ‰æ¿€æ´»çŠ¶æ€ã€‚从ç†è®ºä¸Šæ¥è¯´Dulce是ä¸å¯èƒ½çŸ¥é“ä½ æ•°æ®åº“ä¿¡æ¯çš„,所以在上é¢çš„推测都ä¸å˜åœ¨ã€‚
那么åªæœ‰ä¸€ä¸ªå¯èƒ½ï¼Œä½ çš„webæ•°æ®æ˜¯å®Œæ•´ï¼Œå¹¶ä¸”没有丢失wp-config.php,那么wordpresså°±å…许直接输入åšå®¢åç§°å’Œé‚®ä»¶è¿›è¡Œå®‰è£…ï¼Œè€Œè¿›è¡Œå®‰è£…å¿…é¡»æ˜¯ä½ çš„æ•°æ®åº“ä¸åŽŸæ¥çš„表是ä¸å˜åœ¨äº†ï¼Œå¦‚果已ç»å˜åœ¨å°†ä¸èƒ½è¿›è¡Œå®‰è£…,所以我认为是您的数æ®åº“出现问题。
è“冰
August 10th, 2009, 6:35 pm
å¦å¤–,我很期待您的新版本。
è“冰
August 10th, 2009, 6:38 pm
Hi Rin,
sorry for you, an excellent idee to use a site for two persons.
It is possible to use your rin and wendy themes for my own site?
kind regards and good luck
Michael
Michael
August 11th, 2009, 6:58 pm
hey, rin,
it’s very ridiculous~~
i know that guy who hacked your site…
but from my perspective, he is not that kind of person, and additionally,he is not that capable…
you can visit my web site, and find him.
He always leaves comments at my blog.
nooidea
September 27th, 2009, 8:56 pm