I know many wonder why it took so long to get CC back on the air. Yes, I do take backups. With backups, it should be a rather easy task to just restore from a backup and go.
Well, apparently the initial break-in occurred several months back and then was activated just a few days ago. My backups showed that the infected modules were there also.
When I noticed that the problem had been here a while, I decided to take a longer look and find out my greatest source of security breach. I have several more things that I should do to harden my security, but I am going to work on that a bit at a time.
One thing I found out was that an old program (Coppermine) I had initially used to store photo albums was way out of date and was one entry into the system. I decided to remove it along with all of its contents. If you look at the album tab, you will no longer be able to see photos from 2003 to 2007.
When I started this blogging, the blogging engines, like WordPress, didn’t handle photo albums well, if at all. Now WordPress has a good Album capability. I chose Coppermine, but the problem with maintaining more pieces of software is that you are maintaining more pieces of software.
The more different pieces of software that you have, the more possible areas to break in. Given the time, I will probably put the photos from those albums back using WordPress. It is on my ToDo list.
This morning I decided to look at the error log for this site. Error logs are one way of seeing possible attempts of entering the system through old back doors that have been planted by Hackers. Today’s error log has several hundred entries for Coppermine, which I removed.
Most likely those errors were caused by search engines looking for photos. However, there were a couple that might have not been valid. One of the modules that had been replaced by the Hacker was a 404 module. If you try to search for something and it isn’t there, then that is an error and it is handled by a 404 module.
Therefore, if a hacker installs special code in a 404 module, they have a permanent way to get back into your system. One of my infected modules was a 404 module.
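The error-log review described above can be partly automated. The following is an added example, not code from this site: it separates missing-file errors for the removed Coppermine directory into stale photo requests and everything else, which is the part worth reading by hand. The log format (Apache 2.2-style), the `/coppermine/` directory name and all sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache 2.2-style error-log format (not the site's real log).
SAMPLE_LOG = """\
[Mon Mar 02 06:11:40 2009] [error] [client 192.0.2.10] File does not exist: /var/www/html/coppermine/albums/2005/photo1.jpg
[Mon Mar 02 06:11:42 2009] [error] [client 192.0.2.10] File does not exist: /var/www/html/coppermine/albums/2005/thumb_photo1.jpg
[Mon Mar 02 07:30:05 2009] [error] [client 198.51.100.7] File does not exist: /var/www/html/coppermine/example_script.php
[Mon Mar 02 07:30:09 2009] [error] [client 198.51.100.7] File does not exist: /var/www/html/coppermine/albums/example_upload.php
[Mon Mar 02 08:02:13 2009] [error] [client 203.0.113.4] File does not exist: /var/www/html/favicon.ico
"""

LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<client>[^\]]+)\] "
    r"File does not exist: (?P<path>\S+)$"
)
REMOVED_DIR = "/coppermine/"                      # assumption: directory of the removed app
STATIC_EXT = (".jpg", ".jpeg", ".png", ".gif")    # what an image crawler or old link asks for


def triage(log_text, removed_dir=REMOVED_DIR):
    """Split missing-file errors under removed_dir into (expected, review).

    expected: paths of image requests, most likely crawlers or old links.
    review:   {client: [(timestamp, path), ...]} for anything that is not an image,
              for example requests for scripts that no longer exist.
    """
    expected, review = [], defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or removed_dir not in m["path"]:
            continue  # not a missing-file error, or unrelated to the removed app
        if m["path"].lower().endswith(STATIC_EXT):
            expected.append(m["path"])
        else:
            review[m["client"]].append((m["ts"], m["path"]))
    return expected, dict(review)


if __name__ == "__main__":
    expected, review = triage(SAMPLE_LOG)
    print(f"{len(expected)} stale photo requests (likely crawlers or old links)")
    for client, hits in review.items():
        for ts, path in hits:
            print(f"REVIEW {client} {ts} {path}")
```

On a real log, point `triage` at the file's contents and adjust `LINE_RE` to the server's actual error-log format.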
As you can tell, I am still a little hung up with the past outage. I implemented about three things I needed to do to make Hacking more difficult. I still have a couple more things on my list, but they will take a while and I will get to them as I have time. I have decided to keep a closer watch for indications that there are attempts to get in.
A blog is just like a house. The security doesn’t have to be the best in the world, it just has to be better than your neighbors’.
Now, I do have some Panama related photos I have recently taken and hope to get them posted soon. I can tell by looking at the site stats that the four days of outage will have caused a few readers to be hesitant to return and it also had an effect on search engines.
But as they say in Panama – poco a poco.