I got hacked: versus.php

I just realized that my website marga.org has been hacked for over two years! There was a file in my main directory named versus.php, which served up pages with information on how to buy drugs like Viagra. Yuck! The pages were in a directory called “1”, which had been created within another preexisting directory.

Mike thinks the hack must come through an old, vulnerable version of WordPress.  The thing is that I didn’t notice it until I did a search for “Greece” on marga.org – suddenly most of the Google results were for drugs.

I daresay that the hack made me lose quite a bit of page ranking, but it’s my bad for not noticing it before.

I’m writing this in case someone comes across the same file in their website.

Comment & Referrer Spam

Since I moved a couple of my websites to a new server, I’ve been taking a closer look at the logs. I was surprised to see that my marga.org site – my personal site, which mostly includes my recipes, food blog & restaurant reviews – is getting a healthy 6,500 hits a day. Yay! A closer look at the logs, however, paints a less rosy picture. About 1/4 to 1/3 of my hits are from search engine robots, and probably as many more hits come from spammers.

Spam traffic falls into two main categories: referrer spammers and comment spammers. Referrer spam robots hit your website repeatedly pretending to come from a given site, so that that site appears high on your stats file as a “referrer”. If your web stats file is public (mine is password protected), it will be spidered by Google and the listed referrers will count as links from your site to theirs. That helps the referrer appear higher on Google searches.

It’s amazing just how many of these junk referrer sites there are. I’ve only been blocking them for a week, and then only the top junk referrers to my sites, and I already have 80 sites blocked by my .htaccess file, in addition to all referrer websites from .ru (Russia) and .pl (Poland). I anticipate that for every junk referrer I block, another will take its place at the top of my referrer stats. I’m not sure if there is anything I can do about this beyond manually blocking them. Google, on the other hand, could just stop indexing stat files and make this problem moot.

Comment spam is significantly less annoying now that I moved to using WordPress as my blog software. Comment spam is just comments left after blog topics, whose main purpose is to link to the spammer’s site. WordPress has a very useful plugin called Akismet, which identifies and blocks most of the comment spam. It’s amazingly accurate.
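As an added illustration of the manual .htaccess blocking described in this post (not code from the original blog), this Python script ranks external referrer hosts in an Apache combined-format log and builds a mod_rewrite block for review. The allowlist, the hit threshold and the sample log lines are assumptions constructed for the example.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Apache "combined" log line; the Referer is the first quoted field after the size.
LOG_RE = re.compile(r'^\S+ \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "(?P<ref>[^"]*)" "[^"]*"')
SAFE_HOST = re.compile(r"^[a-z0-9.-]+$")  # Referer is client-controlled: validate it
OWN = ("marga.org",)                      # the site's own pages are not referrer spam
ALLOW = ("google.com", "bing.com")        # assumed allowlist of genuine referrers
BLOCKED_TLDS = ("ru", "pl")               # the two TLDs the post blocks wholesale

def under(host, domains):  # host is one of domains or a subdomain of one
    return any(host == d or host.endswith("." + d) for d in domains)

def referrer_hosts(lines):
    """Yield the host of every external, non-allowlisted referrer in the log."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        try:
            host = (urlsplit(m.group("ref")).hostname or "").lower()
        except ValueError:                # malformed URL in the header
            continue
        if SAFE_HOST.match(host) and not under(host, OWN + ALLOW):
            yield host

def candidates(lines, min_hits=2):
    """Referrer hosts seen at least min_hits times, most frequent first."""
    return [(h, n) for h, n in Counter(referrer_hosts(lines)).most_common() if n >= min_hits]

def htaccess_rules(hosts):
    """Build a mod_rewrite block: one condition per host, one for the blocked TLDs."""
    pre = r"RewriteCond %{HTTP_REFERER} ^https?://"
    conds = [pre + r"([^/]+\.)?" + h.replace(".", r"\.") + "([/:]|$) [NC,OR]"
             for h in hosts if not under(h, BLOCKED_TLDS)]
    conds.append(pre + r"[^/]+\.(" + "|".join(BLOCKED_TLDS) + ")([/:]|$) [NC]")
    return "\n".join(["RewriteEngine On", *conds, "RewriteRule .* - [F]"])

def _line(ref):
    # Constructed log line: documentation IP address, made-up request and agent.
    return f'203.0.113.5 - - [01/Jan/2024:12:00:00 +0000] "GET / HTTP/1.1" 200 5120 "{ref}" "Mozilla/5.0"'

SAMPLE = [_line(r) for r in ["http://cheap-pills.example/buy"] * 3
          + ["http://constructed-spam.ru/"] * 2
          + ["https://www.google.com/search?q=greece", "http://marga.org/", "-"]]

if __name__ == "__main__":
    print(htaccess_rules([h for h, _ in candidates(SAMPLE)]))
```

Check the candidate list by hand before deploying the rules, since a legitimate site that links to you often will also cross the hit threshold.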

 

New Kind of Blog Comment Spam?

I just got a comment to my safari entry on my personal blog which I think may be a new type of blog comment spam. Spammers have taken to making comments on blogs with links to their websites. Sometimes these comments are just links, but other times they try to be sneaky and they comment praising your blog and saying how useful it is. Here is an example:

“You made some really good points in your article. I did a search on the topic and found most people will agree with you.”

But I just got a new type of spam that’s even sneakier – directly addressing the topic of your blog post, and of course, providing a link to a commercial site. In the case of my “safari” entry, the comment basically provided a dictionary definition of the word safari. I actually thought of approving the comment when I saw it – though after looking at my entry I realized that the comment was completely unrelated to what I’d written.

So anyway, this is a warning to other bloggers who might be wondering whether those types of comments are legitimate or not.