free html hit counter Hacked! | John Battelle's Search Blog

Hacked!

By - January 15, 2005

Many of you may have noticed that last night Searchblog was hacked, apparently by someone in Albania (!). For a brief period of time my site redirected to a very odd page, and it appeared I had entirely lost my mind. All is well now, though we have some backend housekeeping to do. Thanks to the many readers who alerted me.


Related Posts Plugin for WordPress, Blogger...

3 thoughts on “Hacked!

  1. Doug Mehus says:

    No problem. Just glad the blog’s back.

    Keep Postin’!

    Cheers,
    Doug

  2. Jim Bursch says:

    I’d be interested to hear how you got hacked, in case there are precautions I need to take on my blog.

  3. Scot Hacker says:

    Jim, as far as we can tell, the attackers exploited recently discovered vulnerabilities in PHP when running in certain modes. We have since locked down PHP pretty tight, with register_globals=off and safe_mode=on. These two changes make PHP programming a bit harder and broke some older customer scripts and apps, but we’ve got everything fixed and working now, and the PHP environment has been *significantly* hardened.