My Blog has been Hacked!

That's right, everyone – you are now reading a hacked WordPress blog. It's official: my blog has been hacked, and I have taken action to solve this problem and get the malicious code out of my blog. My blog has been affected by the “WordPress Header Hack.” This is a hack where code containing spam links is injected into the header of your blog. These spam links do two things: first, they send your link juice to crappy spam sites, and second, they hurt your Google rankings.

So how did this happen? I upgrade WordPress the very day that a new update becomes available, but sometimes that just isn't fast enough. Security holes are discovered by WordPress and patched quickly, but in that small window of time your blog can be vulnerable. Through this process I have learned a lot more about how to secure a WordPress blog, and I will be sharing this information with you in a future post.

That being said, I do have some exciting news: a new version of my blog will be available VERY soon, and it will be free of this nasty malicious code and spam links.

Worried you might be affected by the WordPress Header Hack?

It is not that hard to spot. Just go to your blog and select View -> Page Source from your browser. Then scroll down to where you see the <body> tag. If your blog has been hacked, you will see the following code after the <body> tag:

<div style="display:none">

After this you will most likely see a list of spam links. These links cannot be seen when visiting your page, but search engines do see them and consider you to be actively linking to the sites.

This code is usually injected into your header through your WordPress database and can be installed by running executable code on your blog. You'll see an eval( followed by what seems to be a bunch of random characters at the top of your source code – this is actually a program that is evaluated and run on your server, injecting the malicious code into your database.
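One way to automate both checks described above, as an added example that is not the author's code: a Python script that lists links nested inside a display:none element and flags PHP source where eval( is closely followed by a long opaque string. The sample page, the sample PHP, the spam.example URLs and the 80-character threshold are constructed assumptions.

```python
import re
from html.parser import HTMLParser

HIDDEN_STYLE = re.compile(r"display\s*:\s*none", re.I)
# "eval(" followed closely by a long run of opaque characters (80+ is an assumed threshold)
EVAL_BLOB = re.compile(r"eval\s*\([^;]{0,60}?[A-Za-z0-9+/=]{80,}")
VOID_TAGS = {"br", "hr", "img", "input", "link", "meta"}

class HiddenLinkFinder(HTMLParser):
    """Collect hrefs of <a> tags nested inside any display:none element."""
    def __init__(self):
        super().__init__()
        self.stack = []   # (tag, hidden) for every open element
        self.links = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        inherited = self.stack[-1][1] if self.stack else False
        hidden = inherited or bool(HIDDEN_STYLE.search(attrs.get("style") or ""))
        if tag == "a" and hidden and attrs.get("href"):
            self.links.append(attrs["href"])
        if tag not in VOID_TAGS:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerates unclosed <p> or <li>.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def hidden_links(html):
    """Return the hrefs that a visitor cannot see but a crawler will follow."""
    finder = HiddenLinkFinder()
    finder.feed(html)
    return finder.links

def has_eval_blob(php_source):
    """True if the source contains eval( followed by a long encoded-looking string."""
    return bool(EVAL_BLOB.search(php_source))

# Constructed samples (not taken from the affected blog).
SAMPLE_PAGE = """<html><body>
<div style="display:none">
<a href="http://spam.example/one">one</a> <a href="http://spam.example/two">two</a>
</div>
<div id="content"><a href="/about">About</a></div>
</body></html>"""
SAMPLE_PHP = "<?php eval(base64_decode('" + "QUJD" * 30 + "')); ?>"
```

Run hidden_links() on the saved page source and has_eval_blob() on each theme and plugin file; a hit is a reason to inspect the file by hand, not proof of compromise.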

While I have removed the executable code, if you want to see what the hack links look like, you'll see them by simply viewing the source of my blog right now! A new version of my blog has already been created with a brand-new look-and-feel along with dozens of new interface and feature enhancements!

If anything, this minor setback forced me to make some much-needed improvements to my blog, and I think all my readers will appreciate the changes! Remember – these kinds of things are going to happen in life – it is how you deal with them that defines the experience. I was ready for this and you should be too! Stay tuned, as I'll have a post very soon letting you know how to really secure your WordPress blog and avoid the dreaded WordPress Header Hack!


7 comments

  • Jeff September 15, 2009, 5:46 pm

    That’s a real pain. Sorry to hear.

  • Bruce Marler September 15, 2009, 6:05 pm

    Morgan,

    Bummer to hear this, man, but glad to hear you already had version 2.0 of your blog on the way. A couple of years back I had a site hacked and it just was not worth the effort to fix it. When it is a source of income and your face to the world, such as Domainvestors.tv is for you, it is much more devastating.

    Looking forward to seeing v2.0

    Bruce

  • owen frager September 15, 2009, 6:42 pm

    I had this too recently on four properties. Pain in the…
    So many devious Assholes out there. It’s another reminder that development is not autopilot and you need to be educated in basic code and able to react to change.

  • Morgan Linton September 15, 2009, 7:17 pm

    Thanks Bruce!

  • Chef Patrick September 15, 2009, 8:09 pm

    Things happen for a reason. Now you’re doing a V2 🙂

    Thanks for the reminder though. I’m still on version 2.7.2 I think. My web guy already has me down for a backup and upgrade first thing tomorrow.

  • Vikz September 16, 2009, 4:15 am

    Thanks for the info on how to spot a hacked blog. Gonna check all my sites now. Good luck with version 2.0 of your site.

  • Jesse September 16, 2009, 7:35 am

    No fun at all, we have all been there but it still sucks when things like this pop up and ruin your day. I’ll be looking forward to your new revision of the site.

    If you are looking for any additional information or ideas to include in your upcoming post, feel free to check out and borrow from a post I did a little while back titled Secure Your Wordpress Installation. Spammers are getting more and more creative every day; it's very important that we keep up to speed and try to stay 2 steps ahead of them.