google controls the world.

oh, not really, but it does control what we access.

around 1 am last night I got some emails from google informing me that my primary site, brookthere.com, had been identified as serving malware and consequently would be blocked from search results and when opened in a modern browser, would provoke scary warning stuff everywhere.

I was frustrated, but at the same time, slightly relieved.  secretly relieved.  I’ve been planning on redoing my site for a while now, and putting it off, and putting it off, and was basically forced into to blowing it up, destroying every database and file, and starting fresh.  both because I didn’t have the skills or energy to seek out only the badware and get rid of it, and because my primary objective was to get google search results, and consequently my domain name, to show up normally again.

here’s the technical background, as I understand it: I host several sites on dreamhost.  I like the user panel.  I like dreamhost pricing. I even like their live chat, which was off today, it being a weekend and all.

The sites I host are mostly different forms of wordpress or zenphoto installs, or both.
Now, I’m terrible at maintaining things. It doesn’t matter if they are digital or real world.  My heater was condemned and removed last year (for a few weeks in late october) because it hadn’t occurred to me to maintain it.  Similar thing, less the condemning, happened with my hot water boiler a few years prior. and my car….the only ticket I’ve ever gotten in my life was for not having an inspection sticker.  because I forgot.

so, I had managed to forget to maintain wordpress and zenphoto.  you know, getting them up to date.  and something did happen, I’ll never know exactly what, but most of my sites were redirecting to a suspicious .ru domain.  Somehow, one had been hacked and the bad code got into everything.

So I’ve spent much of today doing just this:  backing up what could be, and moving things around.  I was able to quickly move the hosted location of two important sites from dreamhost to yahoo (where the domain reg and mail servers were anyway, so it was convenient enough.)  Once that happened google started serving the pages properly, without warnings.  However,  I’m going to be rebuilding these sites bit by bit over the next week.

and I’ve come to this conclusion.  much like happened to automobiles in the 80s, i guess, the casual hobbyist is no longer suited for hosting blogs and cms stuff.  Technically, keeping wordpress or zenphoto up to date is well within my comfort range… however, the frequency of which this needs to happen is not.  I want to spend no more than 5 or 10 hours a YEAR implementing new themes, and I hate the upgrade process of wordpress et el…

(by the way, my suspicion lies with zenphoto-  it always seemed much less stable than wordpress, no doubt due to its lesser popularity. but again, I’m not going to know.)

I don’t like blogger very much, but I wanted to at least put my extracted/ transported/ transformed wordpress xml export someplace, and, since google controls everything, this seemed like a place they wouldn’t mind too much.

(I also spent 5 hours today hand-editing the said seventy thousand line xml export, removing all the crappy spam that for some reason is standard wordpress export.  The file size went from 6MB to 1MB once I removed the spam.  I know I could export it without the spam….but I realized that after I’d destroyed the databases and deleted the hosting on dreamhost.  that was in the middle of the night, not the best time to be making those decisions, obviously.)

Posted by:brook delorme

3 replies on “information access

  1. Oh no!

    It’s actually a WordPress exploit although zenphoto may very well have been an additional culprit. It happened to me over the Summer. I didn’t update WordPress either. But now WordPress makes it so easy to update (one click) that it’s not an issue. I hope. ;)

    Glad to see you’re back in action!

    1. hey Karol- it’s a relief to hear that it happened to you too. (you seem so responsible with the webstuff!)
      …but god, it’s been such a headache! I haven’t yet figured out how to retrieve the information from my zenphoto sites (they had stopped functioning COMPLETELY “internal server error” so exporting the infos in a wordpress/zenphoto export file was out of the question) –the sum is, I’m trying to switch everything over to things tools like posterous. because I can’t be trusted with even one click updates!

      glad to hear from you too :)

      b

      1. Posterous is actually really awesome although I wouldn’t use it for a business site. I use it for a personal blog. E-mail posting is flawless … that’s actually the only feature I use.

        I don’t know how to fix all the errors, but if you want help Norcross (aka Andrew Norcross) fixes all my stuff when I mess it up. http://www.andrewnorcross.com but it’s best/quickest to tweet him @norcross

        I only feign responsibility. :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s