If this can happen to Alan November, it can happen to any of us using WordPress as a blogging platform on a self-hosted website. Vulnerabilities like this are not limited to WordPress, however, they can happen to any website. YouTube was hacked on July 4th this year, and Justin Bieber’s videos seemed to get the worst of it.
You’ll note a simple Google keyword search today for “building learning communities” does show Alan’s website first out of over 8.8 million hits, but the website “meta information” (title and description) suggests the site is for “Cialis generic online | Online Canadian Pharmacy!” This looks distressingly familiar to a hack I experienced on my own WordPress installation back in September of 2008.
By viewing the source code of Alan’s site using the Google Chrome browser (choose VIEW – DEVELOPER – VIEW SOURCE) it doesn’t appear the hacked code is still on his site homepage. Hopefully Google’s indexing engine will catch up to this fix and correct the meta info for BLC and novemberlearning.com. Interestingly, the same search on Bing today has over 27 million hits, but the meta info for Alan’s BLC site (which also comes up first in search results) does NOT include the apparently “old hack” for Cialis drugs. I’d be interested to know if Bing does NOT include this faulty meta-information because it’s faster (already picking up the fix) or slower (not updating as often) as Google’s search algorithms.
This hack to Alan’s site seems a bit ironic, since I’ve been hearing him talk about the importance of students understanding “the architecture of the Internet” so they (and we) can manipulate it to our advantage for years. Like many things, I’m sure this will provide a teachable moment for many which Alan and others may point out. Since I wasn’t at BLC this year I don’t know if it was mentioned.
The risk of having your website hacked is real for anyone online, but the responsibility for “fixing” problems like this can fall on your shoulders if you self-host a blog installation or other website content management system. Getting professional support to fix problems like this is a good reason to blog on a commercially supported site like Posterous, EduBlogs, WordPress.com, or Blogger. The support community for open source blogging tools like WordPress (WordPress.org) is GREAT, but it definitely CAN be stressful when you have to figure out how to fix a problem like a hacked site on your own.
One of the best ways to protect yourself from ANY type of security risk or hack online is to keep your computer (whatever type you happen to use) up to date with the latest versions and security patches of operating system software as well as separate software programs you use. Doing this for your software (including WordPress) CAN (but won’t necessarily always) insure you’re safe from malicious attacks.
It can be a dangerous world out there. As with dangers encountered in the face-to-face world, it’s best to be pro-active in your preparation for online threats, and also have a good network of support to turn to when you run into trouble. That’s just another great reason to build and maintain a PLN!
Remember to follow Wesley Fryer on Twitter (@wfryer), Facebook and Google+. Also "like" Wesley's Facebook pages for "Speed of Creativity Learning" and his eBook, "Playing with Media." Don't miss Wesley's latest technology integration project, "Mapping Media to the Common Core / Curriculum."
On this day..
- A Video Lecture You Won't Soon Forget: Video Games and Storytelling - 2012
- Webcasting with Ustream, an iPad, a Tripod & an XLR Boundary Microphone - 2012
- It's not a real spider, it's just a smartphone - 2011
- River Rafting in Colorado with Buffalo Joe's on the Arkansas River - 2010
- A free online musical - But watch out - No ratings here... - 2008
- Know any fantastic Drupal developers? - 2008
- 50 iPhone emails today - 2007
- Tell a story with 5 photos for educators - 2007
- Seeing is Believing - 2006
- Major website and blog updates underway - 2005