Well it’s been something of a difficult week here on barganews. Let’s see if we can fill in some gaps and explain why. Barganews was started way back in 1996 when most people in this area had little idea of what was an e-mail address or what was a website. Blogging, twitters, facebook and myspace were all a long, long way in the future. In those days sites were all hand coded and laboriously put up online page by page.
Then in 2005 we moved over to the open source blogging software WordPress – a project which started with very few users but which has since grown to be the largest self-hosted blogging tool in the world, used on millions of sites and seen by tens of millions of people every day. One of the regrettable side-effects of having a large Internet presence is that you then become an easy target. Over the years barganews has been attacked on numerous occasions – sometimes the script kiddies and hackers had succeeded but not often.
Unfortunately this week they did get in via a back door exploit in the wordpress software. Not just barganews but every site running older versions of the wordpress software have been potentially compromised and webmasters this week around the globe are frantically upgrading and cleaning out their code.
The hacker slimeballs may have known about the security issues before we did and went about their merry way breaking into blogs and websites, grabbing usernames and passwords, and planting backdoor scripts to log them in again at a later date.
Before you ask, yes, we were aware that we were taking a slight risk by running a slightly older version of WordPress. In our defence, however, early releases of major WordPress updates often have numerous bugs of their own. As such, we typically wait until at X.X.2 before upgrading unless a serious hole is discovered in the version that we are currently using.
On the bright side we have now cleaned up and updated the complete system, overhauled all the software, installed the latest plug-ins, changed all passwords across the site and once again the ship is secure.
Unfortunately this now means that ALL passwords will have to be changed so we urge all of our readers to re register on the site. People will only be able to comment on any of the articles on barganews if they are registered.
We are no longer accepting anonymous comments. We now require full name and email address ( e-mail address will not be published)
Just testing. : )
When will the new system be implemented?
What system? Is there something funny going on that I might have missed?