[August 22, 2011] Warning – the course website was hacked

Warning – the Best Practices Course website was hacked

Today I got an email from course member Craig Pattinson saying that he was getting a warning from Google when he tried to visit the course website. I checked, and although everything appeared normal in other browsers, in the Google Chrome browser it reported that the site had content from another website that was suspicious.

After doing some research, I found an active discussion on the WordPress forum with many webmasters reporting a malware problem had appeared today on their sites. I followed the advice to check the website with a free malware scanner at sitecheck.sucuri.net and it reported an infected file.

By the way, WordPress is now used by 14% of the top million sites in the world, according to a recent report. This tool is a powerful foundation for a huge number of websites, so the malware issue is clearly a serious threat if it is affecting sites that use this platform.

CLEANUP

I have replaced the infected file, as well as one other one that had been altered, and the site now is reported as “Verified Clean” by Sucuri.

However, Google Chrome still gives a warning message when the site is visited. This warning should go away when Google checks the site next (perhaps tomorrow), but as far as I know the site is safe to visit.

I want to thank Craig Pattinson for reporting the issue – he definitely has reduced the likelihood that very many people were affected by this incident.

Best regards,
Eric

P.S. If you want to be conservative, you can stay away from the website until Google declares it safe. I really can’t say for sure that it’s totally OK, all I can say is that I’ve done what I can to make sure the course website is clean and will stay vigilant in case anything else is reported.