NEWS: Russell’s server was hacked….

Outcha, Russell Beattie‘s website was seriously hacked. Have a look at his story, good reminder for all of us (back-up, security)….

Okay, so how did the guy get in? No idea. The logs were gone. My best guess is a PHP CLI script I had running which allowed a Flash IRC app to re-route through my server to the freenode IRC servers. It was probably running as root and hackable as hell. I’ve also been playing with Apache and PHP 5 lately, so that was running on port 8080, and I really hadn’t made any effort to secure it. Or it could have been any number of exploits out there that I never bothered to patch, or it could’ve been a bad password. We’ll never know. Whatever it was, it was my fault for not maintaining my site better. Hopefully this new setup is more secure, enough to deter another attack for a while at least.

Okay, lessons: back up your data, NOW. I backed up my server last month, but the files were incomplete and a freakin’ mess. So don’t just back up, do it cleanly and in an organized, easy-to-find manner. Secondly, re-check your security. I’ve got a few more things to clean up and harden myself and I’ve been banging at the server all weekend.

Leave a Reply