There is no frigate like a book / To take us lands away, / Nor any coursers
like a page / Of prancing poetry.
My websites were flagged by my webhost as containing malware yesterday. After a little back and forth with them, I decided that I would fix the problem myself to save on the hard costs of hiring an expert. The sites in question1 had been hacked sometime in July, but the hacker’s payload was simply a proof of concept – the hacker created a file called lol.txt on each folder on the root level of my server.
Since I’ve been a customer of this particular webhost for nearly 15 years, there was a lot of extra folders left over from various projects that I didn’t need anyway. I took the time to back every single thing to my local hard drive, and then deleted thousands of files.
The malware was installed as a .php file in the directory /wp-includes in two different websites with a WordPress installation. I could have simply nuked all the WordPress files with the exception of files found in /wp-content but I was curious if I could find more traces of malware. I didn’t have anything else more pressing to accomplish today.
Eventually, I cleaned up all the miscellaneous debris left over from Blogger days, lo so many moons ago, and even delved into my Moveable Type installation from the Golden Era of Blogging. All clear, if clunky.
Being told you have malware is like someone accusing you of having lice or a STD or something”my brother quipped back:
what’s worse malware or herpes?”
- not this one, but others [↩]