Tag Archives: wordpress

by

i feel like a new man

Wow, it’s been a crazy couple of months.  I’ve been settling into my job, (which I am so happy at), I’ve been wrapping up some projects, and I’ve been finishing up with some clients AND trying to develope some new business leads.

My job is going great.  One of the things we were really lacking, (my department) was a robust ticketing system.   Someone suggested RT::Request Tracker.  I had never heard of it before, and I am very impressed.  The best thing, I believe, is that every browser works with it, and works well.  It’s all Perl based so one can grock it fairly quickly.  But it’s also very powerful and configureable. It was a bitch to install it since it required so many Perl modules, but I stuck with it and got it going.

I might have mentioned before that I am a big fan of Drupal.  We set up a departmental portal recently using Drupal.  I like it.  I used Drupal for our son’s school and was very impressed with it:

One of the things I would like to try to promote is the social networking tools like Drupal or Twitter at work.  I would like to have a departmental blog.  I feel it is very important to communicate the work we are doing, (which is nothing short of excellent).  I’m not sure how my reports will feel about it.  We’ll just have to see.  If you got some ideas or thoughts around bring social networking into the office, please let me know.

On the productivity side of things, I’ve been loving Remember the Milk.  They just release a Firefox add-on that integrates with Gmail.  It’s pretty slick and I use it quite a bit.  I see they also released some clients, but I haven’t had a chance to monkey around with them, yet.

I also spent some time tending to my long neglected WordPress installation.  I need to read documentation more closely.  I got my tags issues all straightened out and things are humming along nicely.

by

Another b0rked WordPress upgrade

You might have seen that I had some problems with my upgrade to WP 2.6 last night.  Dreamhost, my webhosting provider, has a “one-click install/upgrade” and for whatever reason the process treated my WordPress installation as a “new” installation and changed my configs to point to an old database with a different table prefix.  It’s easy to fix but takes some time and some paying close attention.

In the process, I also found out that I needed to drop Ultimate Tag Warrior for tagging so I disabled the plugin.  I was able to import the UTW tags right into WordPress and the tags and tagging is working SO much better.

I’m going to be trying to update more often.  I’ve been really busy so I got to say about a lot of things.

by

wordpress upgrade… not so good.

So, Dreamhost offered a ‘one-click’ upgrade to WordPress 2.5. I hadn’t had problems with it before so last night I did the “one-click” upgrade. I went to bed.

This morning, I find a bunch of undeliverable emails in my inbox and notice that the from/return address is “email@gmail.com.” And the main page of my blog is a link to a comment on geni.com offering to sell viagra and it was the default WordPress theme with the “Hello, World!” post.

My questions, which I’ll ask Dreamhost about, are:

  1. Was the upgrade botched?
  2. Was my installation hacked?
  3. My “old” site (dreamhost will attempt to back up your old installation so you could revert back) didn’t work as many of the files were missing.

At this point, I had one of those “oh shit” moments were I’m thinking whatever happened, my database is gone and I don’t have a recent backup.

In my wordpress installation directory, all my files and plugins appear to be there and my wp-config file looks okay…

Then I find it. There is a different prefix on my mysql tables:

$table_prefix = ‘wp_ufgeai_’;

Sure enough, in addition to MY tables in MY database I see the “new” tables.

I had already dumped my other tables and saw they were still there, so I simply removed the ‘ufgeai_’ from the wp-config.php page and my site was back up.

However, there is still more to this story. I couldn’t log in via the wp-admin page since the admin password was in this new tables. I got really lucky since the email address set up was ’email@gmail.com’ and I was able to get the bounces, which allowed me to reset the password to get in a do some recon.

I wanted to mention the ‘ufgeai’ prefix because I didn’t find anything on Google referring to it, and something tells me that I am not the only one this has happened to.

Needless to say, I changed all my usernames and passwords to something cripplingly complex.

Then, when I was able to log in to the right instance of my wordpress, I was getting all sorts of errors from ‘wp-admin/includes/dashboard.php’ and had to comment out about 15 lines, all referring to sidebars and widgets. Later, I’ll have to fix all of this and read up, but I have to get ready for a birthday party.

Some notes or food for thought:

  • I got really lucky my database and tables weren’t blown away. I am going to make backups pronto!
    • First need to make sure there isn’t something that shouldn’t belong in the regular tables, like another admin account.
  • How did this happen? Is there something wrong with the Dreamhost installation or I was a victim of a brute force attack? I thought my passwords were good.
  • Why didn’t my previous, backed up installation not work?
  • Why did I get so many errors with the dashboard.php file? Was that file supposed to be “upgraded” or was it something I installed or was part of a plugin?

I’m going to open a ticket with Dreamhost and give them some forensic evidence since I made backups of the changed files and added tables.

Hopefully, this will help someone and prevent a long history of blogs posts from being lost. If you find yourself in this situation and think the only solution is a new, clean, install, check your tables since your old/current data might still be there.