![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Well, THAT is Interesting…
Apr. 16th, 2011 10:20 pmIt seems one of my websites was hacked — ages ago. They were able to get in via an old Movable Type install. Through it, they were able to modify the HTACCESS file, and create a bunch of files (although it seems they couldn't modify existing ones). the HTACCESS file was gigantic — full of ModRewite rules (redirecting requests to different URLs). It seems I was a zombie host to all sorts of strange files… not just star porn, but famous quotes from Donald Rumsfeld.
I've stopped it by removing the hacked file, and removing all scripts, but *my* pages still exist (I removed some suspicious directories), so the operate normally. (MT was never truly dynamic… if you changed something, you rebuilt the entire website if that change appeared on every page)
So how did I find out? Well, my new Wordpress install required me to create a bunch of 301 Redirects (so my old content will be found at a new URL, and Google et al will automatically change their search results to match) and it seems those conflicted with the parent (corrupt) htaccess file, causing BOTH domains to become totally dead through an Error 500 (internal server error).
Crazy.
I've stopped it by removing the hacked file, and removing all scripts, but *my* pages still exist (I removed some suspicious directories), so the operate normally. (MT was never truly dynamic… if you changed something, you rebuilt the entire website if that change appeared on every page)
So how did I find out? Well, my new Wordpress install required me to create a bunch of 301 Redirects (so my old content will be found at a new URL, and Google et al will automatically change their search results to match) and it seems those conflicted with the parent (corrupt) htaccess file, causing BOTH domains to become totally dead through an Error 500 (internal server error).
Crazy.
