Bludomain hacked

As a follow-up to this post – My wife’s Bludomain site – Heather Swanner.com is being hacked EVERY DAY. I fix it, and the next day it is down again. I contacted them and let them know what’s going on and aside from a canned response I haven’t gotten much – pretty disappointing.

In the meantime I simply used htaccess to redirect index.php to home.php since this exploit apparently only affects files named index.php or login.php

If you’re having trouble with your blu site being hacked on a regular basis and only displaying something like:

“Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ‘,’ or ‘;’”

as a result, please leave a comment. More importantly if you’ve discovered a reasonable solution I’d love to hear it as well. Thanks.

Website hack – microsotf.cn – WordPress

So I emerged from a fantastic vacation weekend to find all of my php sites not working. Each displaying the same simple error message:

“Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ‘,’ or ‘;’”

After my initial 30 second panic attack subsided I did a little googling and came up with this site: http://www.geeked.info/web-site-hack-loading-microsotfcn/

I’m assuming this is a bot that crawls from site to site. I had websites hacked across three different servers.

Once hacked, the site should produce a tiny iFrame that redirects to microsotf.cn. Don’t visit the page. It will most certainly ruin your day – spyware, malware, whatever. The beauty is – wordpress sites don’t display the iFrame. They just wind up broken. Other sites however won’t appear very different at all and it will be nearly impossible to tell whether the site was hacked or not.

If you’re having this problem simply open the source of the page in question and look a block of code similar to this (either immediately following the body tag or at the very bottom of the source code.):

Delete the offending code – upload (backup the original first, just in case) and you’re back in business.

Thanks to Ed over at http://www.geeked.info/ for having the ONLY blog post I could find on the whole internet about the hack.

EDIT: 7/9/09 – It has happened again to one of my sites. Different block of code, different malware site being loaded – same basic poison/remedy. For those interested in learning how to block an ip address (or range of ip addresses) – click here.

Exploring a ‘Deep Web’ That Google Can’t Grasp

One day last summer, Google’s search engine trundled quietly past a milestone. It added the one trillionth address to the list of Web pages it knows about. But as impossibly big as that number may seem, it represents only a fraction of the entire Web.

Beyond those trillion pages lies an even vaster Web of hidden data: financial information, shopping catalogs, flight schedules, medical research and all kinds of other material stored in databases that remain largely invisible to search engines.

The challenges that the major search engines face in penetrating this so-called Deep Web go a long way toward explaining why they still can’t provide satisfying answers to questions like “What’s the best fare from New York to London next Thursday?” The answers are readily available — if only the search engines knew how to find them.

Now a new breed of technologies is taking shape that will extend the reach of search engines into the Web’s hidden corners. When that happens, it will do more than just improve the quality of search results — it may ultimately reshape the way many companies do business online.