Boring site update: after I noted my intention to nuke my website in order to save it, I received a number of friendly tips and offers. Thanks to Zack (who alerted me to the problem), Clint (who suggested I may have been hit by a Pharmahack), Alan, D’Arcy and Jim.
Pat Lockley seemed confident that he could figure out the problem, and after a little sniffing around identified a few potential problems — an “RSS4” file that was probably some kind of backdoor, and a “TimThumb exploit” attached to a plugin that I wasn’t even using. Whatever he did removed the identified problems, and hopefully the site is now good to go.
Pat reminds me that it’s important to keep plugins and themes up to date, and to delete unused themes and plugins. I basically tried to do those things, but obviously my years letting the painstaking UBC Blogs team take care of my safety led me into complacent habits.
I’ve already expressed my gratitude on Twitter, but obviously I feel grateful and a little humbled that people would take the time to help fix a problem that was likely caused by my sloppiness.
On what I hope is an unrelated note, my bandwidth usage was right up against its monthly limit (possibly due to the exploits described above), so my site was down over the weekend. Somebody noticed. But I was up at the Lake with a slow connection, and decided to leave it until this morning. Apologies for the mess, and here’s hoping things are smoother from here.