What does not kill me, makes me stronger

After spending a few days in the north of Senegal, I returned to Dakar to find one of my sites had been hacked. Each page of my photoblog, Ria Galleria, had a long list of ads and links above my own photo posts. The ads were all related to travel, which is preferable to zoophilia, although the centred alignment was crime enough, typographically speaking.

After some frantic searching, I learned that I had been hit by a php injection, which is not the latest form of synthetic drug abuse but rather a hack that places a line of malicious code at the top of all the php files on your server. Given that my blogging software, WordPress, is built on php, this was a serious problem.

How did it get there? Probably through some security weakness in my outdated version of WordPress (or possibly an associated plugin). Updating is an obsession at WordPress, annoyingly so at times, but plain stupid to ignore for as long as I have. My excuse was that I could not rely on stable power supply long enough to undertake such a laborious process of synchronizing hundreds of files.

This hack attack was the push I needed to upgrade. I started with Ria Galleria, using a fully automatic update by SimpleScripts. It was simple, but it lost lots of tags and all the links to the photos — a pretty basic flaw for a photoblog. Still, I was happy that I had the basic setup back, and will re-upload the photos as and when.

More daunting was this four-year-old blog. Mon œuvre! ;-)

I decided to do the upgrade manually, and, several hours later, it’s up and running. For you, dear reader, there is very little difference from the previous version. If only you could see behind the screen … gone is the linoleum and the bakelite cabinet; now all is cool whites and a single pulsing red LCD atop a burnished titanium cube.

Actually there are a million tabs, tags, options and other delightful distractions to fiddle with. I won’t have any time left to write anything.

I mentioned that you would not notice anything different after the upgrade; that’s not true. As with my previous upgrade (two years ago, oops), some things don’t make it through to the other side. Last time it was the Ultimate Tag Warrior, a plugin that was as heroic as it sounds; this time it was my AudioScrobbler, which showed you what I’d been listening to. It seems the developer got fed up with working on it.

So now I have to write out what I’m listening to: Stan Getz and Dizzy Gillespie – Dark Eyes
Now it’s Eddie Palmieri – La Verdad. Next Goldfrapp – Utopia (New Ears Mix) … Phew … there’s got to be another scrobbler out there. [UPDATE: fixed — see sidebar]

On the plus side, the upgrade means I can use some new eye candy, such as this:


So much sexier than the static tag cloud I had before.

Wrap-up at five after midnight: I was hit, knocked down, got back up, dusted myself off, walked away looking better than before … and yet … I have a lingering fear that something is still lurking in a database somewhere, ready to strike again.