It appears that this blog has been recently compromised.  Big thanks to one of the readers for bringing it up and letting me know.  Especially, since the compromise was hard to notice – one of the recent posts was modified with a blog of hidden markup that contained some SPAM links.

I am still looking into when and how this happened.  The blog is powered by the latest version of WordPress (2.3.3), but a few plugins were outdated (it’s been a month or so since the last update).  I have edited the post to remove the SPAM links and I’ve upgraded all plugins to their latest versions.  I’ll also limit access to administration interface by IP (yes, I know it’s easy to go around, but I think it’ll keep most of the bots out).

If you have any other suggestions on what and how to do, please let me know via comments or directly.

Leave a Comment