by Sean Cribbs
Sorry, kids. My site has been pummeled with spam comments. As I
write this, the bastards have already tried to spam my
page about comments, at least once (
tail -f is
your friend). Thirty minutes ago, it was every 5 seconds.
I suppose it was my fault for not getting an Akismet API key. I have one now, but I’m going to keep comments on my site down for a few days until the mess dies down. I really can’t fix much of anything because I’m too busy with other projects.
Which brings me to my other h4×0r encounter for the week. Someone figured out, as long ago as Sept 12, how to compromise our webserver at KCKCC. They used it to set up an eBay-phishing page. Funny thing is, we didn’t even notice until eBay sent us an email notifying of the site.
When we dug into the directory, we found all kinds of hacks, including numerous PHP scripts that grant shell access. The primary problem was that we were running PHP with Safe Mode Off, it seems. We turned it on and now every PHP script has to run as the Apache user. No login for you!