On Friday (Sep 4th) when I posted about my Ars Electronica visit I noticed on my slovenian version of blog that there was some strange text in the permalinks and that disabled the links on the site. After some research on Google I found the solution (reset the permalinks setting), but I also found out about an unwanted user on my blog. There was another user with administrator permissions and it was hidden from my eyes. The only thing that helped me noticed it was the number 2 in the parentheses on the administrators list.
Because I couldn’t deleted it from WordPress admin panel I had to go to phpMyAdmin in cPanel. The problem was solved. Well not yet, but I wanted to leave my update process for some other time. I was just leaving for Linz and I didn’t have time.
During my staying in Linz I noticed quite a lot articles about a distributed attack affecting self-hosted blogs running anything other than the latest edition of WordPress (Celestial Waste of Bandwidth). My blogs were at version 2.7.1. I used to update WordPress with Fantastico interface at my hosting service at HostGator, because it did an archive at the same time and so I had a backup. But Fantastico still shows the latest version of WordPress as 2.7.1 even thought it has been more than a month from the 2.8 update.
They made it easy to update in the version 2.7, so as soon as I made a backup I pressed the update link. Few seconds passed, update finished and then… blank page. The page was gone. I couldn’t even login as administrator. Nothing. If I uploaded my old files back through ftp, everything reappeared. Then I tried manualy uploading the update files. The page went blank again.
As I tried several things, uploading and deleting the new and old version and a lot of time went by. It started to annoy me. At last I made a new blog, imported all my posts and comments, merged the visitor statistic with my old blog and happily sit back and enjoy the look at my resurrected one year old secured (for now) blog.
Now I am thinking to change the visual theme of the blog to mark the anniversary and resurrection.
P.s.: English version wasn’t hacked and needed only a click to update.