If you’re a regular reader, you will have noticed that the blog was unreachable for a few days. This was because the blog got hacked.

Really, to be honest, it looks like the blog got hacked a long time ago already, but nobody noticed. This isn’t a high-profile blog that someone would hack for its own sake, so there were no visible signs. It was probably just added to some list of p0wned sites. But now someone somewhere decided to use it to start sending out spam. Alarm bells rang at my hosting provider, they blocked access to the blog, and I started disinfecting.

I think I have now found and removed all the stuff that didn’t belong, so I’m letting you all back in. As part of the cleanup I deleted all plugins, so some of the extras are missing (notably the links to related posts).

The cleanup process was really not trivial. I’m not even sure that everything is 100% clean now, so I will be extra vigilant for some time. Without knowing both PHP and SQL, this would have been hopeless. I am glad I am a web developer.