WordPress Hacking, Matt Mullenweg, And Some Screwed Up Priorities

I clean WordPress installations for people who have been hacked. I can help fix non-Wordpress sites as well, but since often times the way people find me is through the guide I wrote on how to fix WordPress after you’ve been hacked it turns out that’s what they need me to do for them a fair bit of the time. I have a process that I go through, and a specific set of things that I look for on every WordPress installation that I work on to make sure that it is indeed hacked, and to determine how bad the damage is. Different intrusions can leave various symptoms and clues as to how the hacker got in, and knowing this can be helpful in diagnosing the situation.

One of the hacks that has been around for a few years

Read moreWordPress Hacking, Matt Mullenweg, And Some Screwed Up Priorities

My Mom Needed Me To Let The Plumber In While She Was At Work (True Story)

Complex bath mechanisms I work from my house and keep odd hours, so when a family member needs some sort of worker let into their house during the day I am often asked if I am available to do it. I don’t mind, we all live fairly close together, and it’s not that much of a hassle on most days. Tonight my mom called and asked me if I could let someone in to her place tomorrow to look at her tub, because it’s clogged. She’s tried Drano twice, poured boiling hot water in it, and even tried plunging it, all to no avail. I told her it would be no problem for me to let someone in.

A little while later I went into my own bathroom, and while in there happened to glance at my own tub…

Read moreMy Mom Needed Me To Let The Plumber In While She Was At Work (True Story)

GoDaddy’s Suggestion For The Cause Of Their Hacks And Their Community Blog – Can You Smell The Irony?

Yesterday I blogged about the hacking situation with GoDaddy hosting and a customer service call I had with them concerning some evidence I had found. While it is true that as this has progressed GoDaddy has widened their scope in investigating what the underlying cause of these hacks are, initially they claimed that the issue was with their customers running outdated versions of WordPress. While being wrong about something like that is usually not that big of a deal, in this particular instance it proved to be beyond irksome, since a large portion of their customer base were told that it was their own fault that their sites got hacked (even in cases where the customer was up to date), and that GoDaddy was in no way to blame:

WordPress is a-ok. Go Daddy is rock solid. Neither were ‘hacked,’ as some have speculated.

After an extensive investigation, we can report there was a small group of customers negatively impacted. What happened? Those users had outdated versions of the popular blogging software, set up in a particular way. – Alicia from GoDaddy

From what I have read around the web customers were being told that it was not GoDaddy’s responsibility to fix the sites, that they only offered “limited support” in situations like this, leaving people with only the option of restoring from a backup (which would often not help even in outdated WordPress hack situations, since hacks can go undetected for months) or hiring outside help to clean things up.

You can see on the support page they have set up, What’s Up with Go Daddy, WordPress, PHP Exploits and Malware? that they still claim that outdated scripts are part of the problem. Going to that page and viewing the source reveals something almost unbelievable:

GoDaddy outdated software...?
(click to enlarge)

That’s right, in a classic “do as I say, not as I do” twist it seems that GoDaddy is in fact running an older version of WordPress (WordPress MU, based on the version number, which has the same security holes as regular WordPress) for their community blog that they are using to tell people to upgrade their WordPress versions.

To be fair, simply having an older version of WordPress does not mean that it is automatically insecure… the security fixes in the more recent versions may be minor and the known vulnerabilities might have been manually patched. I can’t know without actually digging deeper and looking if in fact the installation was vulnerable.

Then again… neither can GoDaddy in the case of their customers.

Jason Calacanis: Screw You Google, Now I’ll Sell Links Too

By now Google has to be getting more than a little embarrassed about the behavior of Mr. Jason Calacanis and his site, Mahalo.com. Aaron Wall did a very well written piece explaining how Mahalo Makes Black Look White and the spammy techniques they were employing. This isn’t the first time Aaron has blogged about Mahalo either, and talked about exactly how this makes Google look bad. For those who might not know, I have also been blogging about this recently.

While Google will ban smaller websites from their search results or from AdSense on a whim, usually it takes heavier coverage

Read moreJason Calacanis: Screw You Google, Now I’ll Sell Links Too

Jason Calacanis’ Backup Plan For Replacing Content: Steal It From Wikipedia

/sigh

Ok Jason, we get it, you’re desperate. But stealing content from Wikipedia in order to replace what you deleted? Come on!

I am flipping through Mahalo.com today, just seeing if

Read moreJason Calacanis’ Backup Plan For Replacing Content: Steal It From Wikipedia

Dear Jason Calacanis: This Isn’t An “Absurd Microscope”

Jason Calacanis replied to my post from yesterday. In it he discusses how he is indeed deleting many of the spammy pages that I had pointed out. Some, like the duplicate content doorway pages, he continues to defend. Either way, progress is being made.

However, he still kinda kills it by tossing in at the end about how this whole scrutiny on his site is “absurd”, and anyone who calls him on it is being “vicious”:

Read moreDear Jason Calacanis: This Isn’t An “Absurd Microscope”

Mahalo.com: Meet the New Spam, Worse than the Old Spam

Last week, after Matt Cutts gave Jason Calacanis a warning about Mahalo.com’s spammier pages (and probably a few stern looks as well), Jason changed a few items. He had them rename their spambot from “searchclick” to “stub”, thinking a less obvious name would throw off anyone looking into the spam situation. Very briefly they added a noindex meta tag to the content-less pages (a change that they then undid after just one day, of course). Probably the biggest change that they made, however, is that they decided to actually turn off (for now anyways) the bot that was creating all of those pages that were nothing more than scraped content.

What then, you may ask yourself, is Jason going to replace all of these pages with, exactly? I know that’s what I was asking. As I pointed out

Read moreMahalo.com: Meet the New Spam, Worse than the Old Spam

Jason Calacanis Makes Matt Cutts A Liar

Last week at SMX West, during the Ask The Search Engines panel, moderator Danny Sullivan asked Matt Cutts why he didn’t ban Mahalo.com for spamming Google. Matt stated that he had talked to Jason Calacanis, Mahalo.com CEO, about the issues, and warned him that Google might “take action” if Jason didn’t make some changes to the spammy side of Mahalo. Matt also made the following statement, in reference to Aaron Wall’s post on the subject:

All the pages Aaron pointed out now have noindex on them. – Matt Cutts

Matt was referring to all of the autogenerated pages that both Aaron I blogged about in our posts, the ones with

Read moreJason Calacanis Makes Matt Cutts A Liar