Tag Archives: wordpress

Hacked! Again!

If you visited The MKX® today and was redirected to a hardcore porn website… you are welcome. However, I must admit this wasn’t me making a quick buck by getting into a new business venture (not yet, anyway). This was me getting hacked.

Again.

I wish I didn't have to use yet another "hacking photo" on a post.

It happened again, around 5 AM. I keep WordPress and all plugins up to date, and yet somehow a malicious attacker found a vulnerability on something I use in the site. I verified my logs and they didn’t gain access through FTP nor SSH, so a vulnerability it is.

Most PHP files were modified to include an extra line at the beginning that looks like this (I abridged):

<?php /**/ eval(base64_decode("aWYoZnVuY3R <--- lots and lots of gibberish like this ---> ZW5fNzCB9"));?>

When run in the server, this inserts code to redirect you to the naked ladies.

I assure you that The MKX® is clean… for now. The battle continues.

Site redesign

It’s been almost two years since our last redesign, which caused an uproar among our readers: violent protests outside of our headquarters, a Facebook protest group, a heated poll, and flag burning.

Well, the design team of The MKX® is happy to announce a new look for our website. Among the improvements:

  • Post-specific banner images.
  • Full text articles on RSS feed.
  • A cleaner and more attractive look based on the Twenty Ten theme.
  • A cleaner side-bar

But in spite of the new look, you can still count on the accurate, unbiased, hard-hitting, no-nonsense news reporting that we are known for.

You can see previous designs in this old post.

Comments not going through

A while ago I installed a captcha-based system called reCAPTCHA in my comment system. CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) work like this: Some garbled text is diplayed that is very hard for a spam bot to read, but relatively easy and only slightly annowing for a real human to type. It worked well. reCAPTCHA is even better because the hard to read text is not computer generated, it actually comes from real books that are being digitized but on those words the computers are having a hard time reading it. So you do a little bit of useful work and I get no comment spam.

Lately, it worked too well. Turns out that a pretty serious bug shipped in a recent version of reCAPTCHA that marked every comment as spam. I went into my comment spam folder and manually approved a few of these comments. I also installed the fix. I apologize and I hope I didn’t miss anything.

Your comments are very welcome and highly encouraged. They make me feel like someone reads the stuff I post here. Sorry about the bug!