Finally got hacked after 6 years of safe journey online.

Two weeks back, a simple site search site:ReviewOfWeb.com on Google revealed some unwanted results which clearly showed that my site was under attack. Here is how some of my site URLs looked like in Google. [Check the description.]

The interesting thing about this hack was that it was a conditional redirect, or in simple words, when you would navigate to this site by directly entering the URL in address bar, you would get the actual page of my website but when a visitor arrives from a search engine he would get re-directed to the spammers website in what was probably an iframe.

What should you do in a similar situation?

Calm down! It is unnerving to see your site being surrounded by malware and Google showing nasty links and text below your site URL, but the damage is done and you have to correct that. Worrying about it may make the matter worse.

How to identify the files that got hacked?

SSH to login to your website and find the last modified files by the timestamp. You can ask your webhost. In my case the hacker had inserted a base64_decode() in my wordpress header file. Though I was able to nail down the files which were hacked, just to be doubly sure I preferred to hire a professional malware removal agency Sucuri.net

Folks at Sucuri were super fast and removed the malware within half and hour of opening a ticket with them. They followed up with some general recommendations on how to prevent further attacks. The recommendations included changing FTP credentials, wordpress login credentials, database passwords, updating core wordpress, wordpress plugins and running a thorough virus scan on the personal machine. I did as advised by them.
To my surprise, within 2 hours the malware returned, this time affecting another file – index.php

This was more worrying since it seemed the intruder was targeting at will. While it is relatively easy to identify the files that get hacked, at times it is extremely difficult to identify how the intruder reached those files. Since I had already updated my wordpress installations and changed passwords, I nailed down three possibilities -

1. A vulnerable wordpress plugin that is not updated by the developer.
2. Vulnerable wordpress theme.
3. Open permissions (chmod 777) on my shared server.

First, I uninstalled all the plugins, removed all except the core tables from the wordpress database and then did a fresh reinstall of the plugins that were really required. Along with that, I also changed my theme framework from Woo Theme to the current Thesis theme (In the recent past, WooTheme framework had been targeted twice). There was an unused script in my account whose temp folder had open permissions, which I fixed.

Final Cleanup act

The excellent folks at Sucuri – a special thanks to David Dede – did the clean up once again and since then this site is pretty safe. Sucuri not only provides clean up services but they also provide a facility whereby your site is checked every 6 hrs for any major/core file changes. A premium wordpress plugin is included which helps in 1 click ‘hardening’ of wordpress installation, logging changes to your wordpress files and blocking bad bots from visiting your website. I have now upgraded my plan at Sucuri and secured all my sites. You can check more about Sucuri here

Over to you. Have you ever got hacked? How did you clean the mess? More importantly were you able to identify the source?

WordPress site hacked. Here is what I did to “un-hack” it is a post from ReviewOfWeb

We had released Recent Comments Widget sometime back that turned out to be an instant hit. We were overwhelmed with the responses we received. There were a lot of requests for a similar Recent Posts widget. So, today, we are releasing Recent Posts widget for BlogSpot users.

How is it different from the other Recent Posts widget?

1. The problem with other widgets is that the source code for them lies with the widget author and the authors often integrate it in within their own site. If because of some problem their site is down, the recent posts widget will not work.Here, I am releasing the source code so that the logic would reside within your blog itself and hence you can do away with dependency on 3rd party site not under your control.
2. You have a number of control and customizations options available. With this widget you have the option to show:
   1. Posts Title only.
   2. Posts Title with Date.
   3. Posts Title with excerpt.
   4. Posts Title with Date and excerpt.

Why should we use this widget when we can use you the feed option provided by blogger itself?

Well, for a number of reasons.

1. Blogger limits the recent posts to 5.
2. There are a number of customization options I have provided which you might not find with the internal blogger system.
3. [Trivia] The URL that appears in your Firefox bar (below) when you hover the mouse over the link, contains your feed URL and not the actual URL.

How to install Recent Posts widget for blogger?

1. Login to the blogger dashboard.
2. Go to ‘Page Elements’ tab
3. Click on Add a Gadget. Select HTML/JavaScript widget type.
4. Now this is the most important step. Download the corresponding code given below and paste it in the widget box you have just opened above.
   1. Right click on the button below to download code for Posts Title only.
      
   2. Right click on the button below to download code for Posts Title with Date.
      
   3. Right click on the button below to download code for Posts Title with excerpt.
      
   4. Right click on the button below to download code for Posts Title with Date and excerpt.
      
5. Scroll down to src=http://xyz.blogspot.com and replace xyz with your blog’s name. For example if your blog’s URL is http://abc.blogspot.com then the code should become src=http://abc.blogspot.com DO NOT TOUCH any other part of the code or else it might create problems.
6. You have the option to increase/decrease the number of posts displayed in your widget. Go to var numposts = 5; (3rd line from the top, in the code you have downloaded). Increase/Decrease the number of posts. By default 5 posts would be displayed.
7. If you choose to show excerpt for your posts, you have the option to increase/decrease length of the excerpt. Go to var numchars = 100; (6th line from the top, in the code you have downloaded). Increase/Decrease the number of characters. By default length is set to show 100 characters.
8. You are done! Lastly please do not remove the footer credits*.

Please let me know if you face any problem implementing the code above.

If you like the above widget. Consider donating and encourage us to come up with more such widgets.

*The code is released under the condition that footer credits should remain intact.

Recent Posts Widget for Blogspot Users is a post from ReviewOfWeb

Here I assume that you are using the blogger beta and not on the classic one. It’s been a long time now that blogger has moved to beta. There is no reason for you to remain on classic version now.

You want to show adsense ads on sidebar of the home page of your blogger blog and not on the other pages OR you want to show adsense ads on all pages except the homepage of your blogspot blog. Here is what you can do-

1. LogIn to the blogger dashboard. Go to Layout. Say you want to show ad on the left sidebar top. Click on “Add a Gadget” on LHS of layout and enter your adsense code. 
2. Now go to Edit HTML. Scroll down and locate left sidebar. You will find something like this-
3. Copy the name of the first widget. In my case it is HTML6.
4. Now click on Expand Widget Templates (given on top right) and search the name you have copied in the above step.   
5. You will find a similar code except what is in the red box above. Copy and paste  <b:if cond=’data:blog.pageType == &quot;index&quot;’> and </b:if>, EXACTLY at the same place as shown in the image above.
6. If you want to show ads on all pages except on the home page then copy and paste this <b:if cond=’data:blog.pageType != &quot;index&quot;’>

Save Template’ and you’re done.

Gozar!

How to show adsense ads only on home page and not on inner pages of your blogger blog? is a post from ReviewOfWeb

If you work on a shared computer, you might want to password-protect your excel or word documents. How would you do it?  There are a number of commercial tools available for this, but Microsoft provides a free, nice and elegant way.
The first time that I needed this feature, it took me a lot of time researching, so thought of sharing this tip with you all.

If you are using MS Office 2000:

1. Open the document.
2. Go to File > Save As. Click on Tools on top right side as shown.
   
3. Click on General Options.
4. The next screen will ask you for the password. Fill in your desired password.
5. The next time onwards, whenever you open that file, the system will prompt for password.

If you are using higher versions of MS office:

Microsoft has made this process a bit simpler for higher versions. Simply go to Tools > Options > Security tab and fill in the desired password.

How to password protect your word or excel documents- The simple way is a post from ReviewOfWeb