I relayed in my previous post that my blog had been hacked. Essentially, my Contact page had been redirected to a site with a very similar domain name. I have not investigated what my rights are, but if I think that I have a legitimate claim, I may pursue some type of action. We’ll see.

The hacker used a very similar exploit to the one Shoemoney talks about in this post. Per 1&1, the hacker overwrote my personal index page with his own index file. 1&1 corrected the offending file, but I feel like I need to take additional precautions.

One thing I’ve done already is check the permissions to all the directories and files to make sure they are set properly. I have also deleted any unused WordPress related directories with themes etc. I may also completely delete all the directories and reinstall WordPress. That may seem like a lot of work, but I’m here to make money, not fix a hacked blog.

I strongly suspect that the hacker gained access via exploitable HTML code as my knowledge there is lacking. I’ll probably find someone who can review my current setup and review any potential installs for security weaknesses.

I also found this post by Lorelle on WordPress helpful. It’s not hardcore security, but it does have great information that’s not too techie.

I’ve decided two things:

• To be very careful when I install things on my site
• The internet in many ways is like the Wild West - many people are out there pursuing theirs dreams on the “frontier”, but there are also others out there that mean to do you harm.

Be careful out there!

Stay tuned.