Recent visitors may have gotten a malware warning when visiting in the last couple of weeks. Evidently, the website was hacked similar to described here. I took it down to try to figure out what happened, and I appreciate the emails and forum posts from users letting me know.

I’m still not certain of the attack vector. I have a couple other domains shared on the dreamhost account, one of which had old unused installations of gallery and WordPress. That’s my best guess at how the attacker got access.

I’ve changed my user and database passwords. I’ve reinstalled the latest versions of WordPress and Drupal (6.x) in clear directories. I restored to older copies of the databases, checked permissions on all the directories, removed the old gallery installation, and made my best attempt at locking everything down again! I verified the checksums of all the Tellico packages against the copies I have on my local home machine and they have not changed.

With all that, I cross my fingers and hope everything is fixed! My skills and strengths are not in the area of website administration, believe me. So this was a real headache.

Website Hacked