If you happened to log on to this blog last night (Sunday) at about 9pm, the above page is what you would have been greeted with. Yup, we got “hacked.”
(click on the image to see a full-on screen shot sent to me by a concerned friend — thanks Stacey! bookmarks, etc, have been blurred for (some) privacy)
I say that we got “hacked” in quotes because it’s not like there was a movie-style security breach. It was only the front page — direct permalinks to individual posts worked fine, as did all the administrative stuff, like logging on. It happened in about a 20-minute window of me driving from one house to another, and it took me another 20 minutes or so to get that page down and replaced with something less, well, embarassing.
At first, I was even glad to just get a “this page is parked” by my webserver.
Now, as far as I can tell, this wasn’t a hugely malicious hack — just a drive-by job. And since I’m kind of anal about security updates, I think it’s because I got cheap hosting — and cheap hosting means shared hosting. So someone else I’m sharing a server with may have left a back door open.
I’ve taken the opportunity, in cleaning out the hijacked page, to update the blog a little bit more. You’ll notice first off that there are now threaded comments. You can now “reply” to people. I didn’t go crazy with it, but it’ll go three levels deep (to start — I’ll adjust if it seems necessary).
There should be some improvements to image galleries as well, plus a new “mobile” edition of the site coming soon.
Grant Hamilton
-
Stacey