Hacked!

I have always considered my site maintenance practices to be quite safe. I try to keep code compliant, I stay on current patches, and so on. But probably quite a while ago, at least over a year, the main page on Obsballona.net was hacked.

Someone, somehow, edited the index.php file to include an obscure call. It was to include a file that was specified with the PHP function “urldecode.” It turns out that translated to a text file from someone who is supported out of the Netherlands. The text file contained a bunch of porn words with links to the porn sites.

I never noticed it because the inserted text was formatted as “hidden” and was therefore not visible. Search engines did see it, so I suppose that it helped someone’s Google ranking. I also never noticed the code because it was right at the bottom of the page. I did find it when I did the updates mentioned in the previous post.

So check your file versions, and beware of any “urldecode” with a nonsense string after it.