WordPress Redirect Exploit

After updating my blog yesterday, I discovered that my website had at some point in the last month been subject to a WordPress redirect exploit. After a few hours last night (really this morning) where the entire site was offline, I was able to bring it back up and purge the affected files. My thanks to the folks at (mt) Media Temple, who published this knowledge base article on how to resolve this issue. And also for providing a fresh perspective after a few hours of late night research and even fewer hours of sleep.

I was also able to correct a potential spam issue related to a rouge php file that appeared in my WordPress install some time ago. My apologies if you’ve been affected as a result either of these attacks – I certainly never meant for this to happen. Open source projects like WordPress have enabled millions of people to publish their own voice online. But security issues like this remind me that the Internet is still relatively young; I think it’s obvious that we still have some steps to take to make it a safer place to both publish and browse.