However, there’s a problem. I figured there would certainly be a WordPress hack on one of our hosted customer sites between when I signed up for the talk a few months ago and now. I’ve waited and waited, and shockingly, all of our customers have listened to us and have been keeping up with their WordPress updates. So we haven’t had a single WordPress hack to clean up.
So I need this blog to get hacked. The sooner the better.
Oh, and to speed this thing along and I’ve reverted this blog’s WordPress code back to WordPress 3.0. This blog currently has more vulnerabilities than a president asking congress to approve a bombing on a mideast country.
I’ll update this blog and our twitter account with daily updates on my situation. Stay tuned. This could get interesting. Or embarrassing.
Last night, just before turning off the lights and harassing my wife, I received a text message from our server monitoring software saying that the mail queue on one of our shared web servers had suddenly spiked. Lots of emails being pumped out of a shared web server is almost always the sign of something bad.
Logged into machine and examined one of the emails in the mail queue. Because we roll our own PHP its compiled with a patch that inserts the full path to the script that sent the email. Years ago, when we didn’t have this patch installed, determining which site and/or script sent an email could have taken hours – or be nearly impossible to figure out. Here’s what the mail header looked like (note: the actual web site address has been modified to protect the client):