After having experienced this strange bot attack that seems to have completely shut down Cao’s blog, people have pointed out to me the security holes in wordpress.
There are all kinds of suggestions out there on how to plug up those holes, but bots attack other-than-wordpress websites. One of the first websites I went to to read about this was here. But I’ve been to many talking about the problem.
As I found on this forum, what I was looking for was discussions about
“deliberate redirects with meta refresh designed to kill sites, and indescriminate and unintentional scripts using go-php, cgi, asp, tracker2, meta refresh, frameset and other destructive elements and the manipulation of googlebot to create duplicate content pages.”
What I noticed before my site went down was that certain search terms were being used. They were splitting things up so that my posts wouldn’t be found in a google search. They were particularly aggravated with links to the Center for Military Readiness, and the phrase: “Muslim Cleric: Unveiled women are like Juicy Steak”.
The question is, how do we even know if a solution will be reliable or will work? All a person can do is to test the variables and find out. When I was testing, I succeeded in locking myself out of my admin panel, and then I had to figure out what I did wrong in order to set it right again.
I know that I’m also running out of disk space, but I’m not experienced enough to know how to get rid of logs that are taking it up…so I’m just going to have to keep knocking around in there and trying not to touch things that could get the site into further trouble.
It sure would be nice if I heard from my hosting company about the outage, to assure me they’re working on it, or update me on what they’ve found about what happened to bring it down.
I’ll be talking about this more as I try to flush this unpleasantness out of my system as I’m watching for some message from my hosting company as to how long CB is going to be down.
Cao2's Weblog 