NEVER, EVER sign-up with Globat.
- they have a fucking insane “automatic upgrade program”, meaning they automatically provide you with “useful” upgrades. And charge your credit card for it. Automatically. You are given an option to opt-out if you click on some link in some email they send to you some days before the automatic update. I don’t understand how this can be legal. This is even worse than spam.
- they claim to be virus-free, but my website just got hacked! As a result, all pages from CoderCorner are now marked as potentially dangerous on Google. This is so fucking painful. I cleaned the files and requested a new review, but WTF, like I don’t have anything else to do!
- the spam on this blog is so freaking insane, it drives me mad. Yeah, yeah, maybe it’s not their fault, but still, it makes me happy to pretend it is, just to blame them a little more. I just added a “captcha“, as suggested by a smart reader, and removed the previous moderation options. It should hopefully help.
- unfortunately I lost some comments in the process. (Sorry Geyser, in particular). No clue how it happened, but… yes… I’ll blame Globat for that as well.
NEVER, EVER sign-up with Globat.
July 24th, 2008 at 2:30 pm
If I were you, I’d think about switching… I’m happy with dreamhost.com. (Yes, and part of their affiliate program - use code ‘GROBY’ for $50 off)
Plus, you get to decide which version of WP you run, so you can upgrade as soon as there is a vuln fix available.
As for the spam, I sure hope you have Akismet running? It has cut down spam significantly on my blogs - to the extent that I don’t need a captcha if I’m willing to kill the very occasional one that makes it through myself.
July 24th, 2008 at 8:24 pm
For some reason when I tried to manually visit this article (as opposed to reading in a reader), firefox flagged it as a phishing site. Details pasted below, but considering the content of the post (a link to globat), I imagine that’s why it was flagged? You might want to remove the link to globat from your post?
(reposting the comment from IE.. not sure firefox is letting me post now)
—-
Advisory provided by Google
Safe Browsing
Diagnostic page for http://www.codercorner.com/blog/
What is the current listing status for http://www.codercorner.com/blog/?
Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 1 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 07/24/2008, and the last time suspicious content was found on this site was on 07/24/2008.
Malicious software is hosted on 3 domain(s), including jex5.ru, 4cnw.ru, cgt4.ru.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including jex5.ru.
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, http://www.codercorner.com/blog/ did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.
How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
July 24th, 2008 at 8:25 pm
…aaaaaand ignore the comment :). I just actually read the remainder of your post. Happy trigger finger here apparently…
July 28th, 2008 at 5:19 am
This is worse than I thought. ALL THE PAGES from the blog seem to have the bad link to jex5.ru. I’m not sure how to fix this since I didn’t write all the pages from scratch, I’m just using the Wordpress interface.
Any idea?
August 6th, 2008 at 1:14 pm
OMG Zappy has been hacked
It seems your server is not secure enough, and the javascript added to your pages is a SQL injection attack.
<>
More info here: http://www.bloombit.com/Articles/2008/05/ASCII-Encoded-Binary-String-Automated-SQL-Injection.aspx
You should contact the administrator of the server.
August 6th, 2008 at 1:16 pm
Oops it seems a part of my comment has been deleted (some basic explanation about the Trojan)
Here it is (an excerpt from the above mentionned link):
“The injected Javascript dynamically writes an invisible IFRAME HTML tag to the involuntarily hosting page, pointing to the actual web page that contains different malicious content in an effort to exploit current software configuration vulnerabilities of the end-user’s machine (and to further empower the botnet).”
More info here: http://www.bloombit.com/Articles/2008/05/ASCII-Encoded-Binary-String-Automated-SQL-Injection.aspx
You should contact the administrator of the server.
August 16th, 2008 at 1:38 pm
I recently switched several of my websites to nearly free speech host. If you are not heavy in content then that web host is nearly free (pennies per month). they also put a big effort for security/stability even in the event of a strong traffic (being digged/slashdotted is not a case for the web host to shut you down). And no I’m not affiliated with them in any way (other than having several websites there).
https://www.nearlyfreespeech.net/
Ps: for security issues, there are always vulnerabilities in the most common scripts (phpBB, wordpress, including their themes, plugins etc). The most used your script is, the most vulnerable it can be to worms/attacks, because that’s what is targeted etc.
August 21st, 2008 at 3:34 pm
Hi,
Your website it still giving out something poisoned with Trojan.Asprox (as of August 21st)
(my AV spotted it and removed it)
August 22nd, 2008 at 4:26 am
Well, I don’t know how to fix it.
I re-uploaded clean files, upgraded to the last version of Wordpress, told Globat about it (also sending links to pages describing the virus), etc. Nothing worked.
Now what?