For those of you who frequent the site (like me) you probably got a virus warning today for Sister Claire.
As it turns out Yamino just Twittered that her site was hacked.
She's been at it for hors fixing the damage and updating her software.
Her CMS? Wordpress & Comicpress.
It's happening more and more often unfortunately. Yamino if you ever get out from under this you might want to talk to one of our CMS makers (DrBlkKnight or Dragonpowered) about perhaps getting away from Wordpress/Comicpress. It might make you less vulnerable.
Either way I hope you get it worked out. ;D
It's kinda what happens when one solution becomes the dominating one.
Indeed. I have a friend who insists Macs never get viruses. I have to tell her they do, just fewer because people always go after the bigger dog first.
She said in her deviantart journal that she'd been using an out of date version, and I got the picture that she suspected that that might have been why she was so vulnerable.
I hope she tells us what she finds out!
She says that there was a vulnerability and it got exploited. She seems hopeful that the upgrades done to the site will prevent the problem from occuring again. All seems well for now.
Seems like there is a lot of that going around, to be sure. In possibly related but probably not news, three of my friend's email accounts were hacked today.
Again, apparently. That's horrible. That really sucks for her.
Augh! So, the mess is over. It turns out that I was just one of many people hacked in the same way.
Specifically, they targeted Wordpress installs hosted on GoDaddy. The problem wasn't that I was on Wordpress/Comicpress, but that I was on Godaddy, which apparently uses extremely out of date technology. If I hadn't just paid for an upgrade, I'd be switching right now. But my low funds mean I'm stuck with them for at least another year.
I appreciate everyone who told me about the problem (the malware was designed to be hard for the hosts to notice) and everyone who offered help. With the aid of my techie friends, we finally managed to fix the problem.
While I am very happy that people are working on alternatives to comicpress, (it's always good to have choices) I don't see myself switching anytime soon. It's very convenient for me, and I enjoy the very high level of customization and widgets I can use. =)
Quote from: Yamino on April 28, 2010, 06:38:36 PM
While I am very happy that people are working on alternatives to comicpress, (it's always good to have choices) I don't see myself switching anytime soon. It's very convenient for me, and I enjoy the very high level of customization and widgets I can use. =)
Even in light of the fact that it's not going to be updated ever again? (http://forum.webcomicscommunity.com/index.php/topic,498.0.html)
Oh, it will be. I hear there's already a Wordpress 3.0 in the works.
I have to be honest, now. While I greatly appreciate the efforts of people making alternatives to Comicpress (because I do believe it's important work) one of the issues I've had with the alternatives I've seen so far is that not only are they incompatible with any widgets I'd need to use, they are also extremely limiting as far as appearance. I'm very anal about what I want my comic page to look like, and a publishing platform with just two color themes isn't going to cut it for me. I need to have a level of customization.
And even though I did get hacked, I had a team of experts available 24/7 to help me fix the problem. That's also a big plus.
Up till now, I haven't had any problems, and as I said, it was more an issue of my host than the Wordpress/comicpress setup. Everything on my server that had php files was infected (including my php forum and gallery). So even if I had been running one of these alternative webcomic publishers, the same issue would have come up.
awesome post, Yamino!
Well, I know I sent you an e-mail about my system (which you never responded to).
Comic Reef may be lacking in widgets and such, but it was designed around full customization and writing your own html/CSS code.
That is a little out of left field, Yam. Both BK's platform and Dragonpower have full customization. Something you know because you were there step by step as I redesigned MotA.
Oy, this explains that.
I'm glad at least one of my three virus checkers spazzed out and nailed the sucker with some Nun-Fu. ;)
I don't know where I got the impression that Comic Reef had only two templates- maybe I got mixed up with another alternate comic publisher someone sent me. I know I read it at some point.
Anyway, I'm sorry I didn't reply to your email, BlkKnight. Around that time I was getting a LOT of emails with all sorts of proposals to get the site fixed, and I spent literally 2 entire days seated at my computer chatting with my techie friends to get it resolved. I didn't have time to reply to most of the messages I got then. I got messages from a couple other people suggesting I switch to a new comic publisher, but as I've mentioned already, it was not Wordpress or Comicpress that was causing the problem, it was my crappy GoDaddy server.
About ComicReef and Dragonpower, I think they are more geared to people who actually know more about coding than I do. People who have the time/experience to make widgets and major customizations if they needed to. I don't have that luxury. I lack the time and the technological savvy. I don't really WANT to become a coding expert. All I want to do is draw my comic. Wordpress/Comicpress is just far more convenient for me.
I want you guys to understand that it's nothing personal, I have nothing but respect for you for creating alternatives to wordpress. But I have yet to find one good reason why I should switch, aside from the argument that Wordpress is more likely to be attacked. But the flip side is that it's also much easier to get instant help for fixing it if that is that case.
You just can't seem to catch a break, can you? Third time.
Tell me about it. I've had it with GoDaddy. I'm currently backing up everything and preparing to move to a more secure host.
Hope that other host will work out better for you! Good luck with it.
Yeah, I hope it all works out better this time...
Couldn't believe it when I went on Sister Claire earlier and got a warning on AVG...
Here's some breaking news:
http://www.wpsecuritylock.com/cechriecom-com-script-wordpress-hacked-on-godaddy-case-study/
I've now switched over to Dreamhost. I'm also taking a couple other security measures, but hopefully this will be the end of that. D:
Wow... the article is bad enough but all those updates make it sound like no one knows what's going on or how to stop it.
Scary. :(
Dreamhost gets a lot of flack from folks using shared hosting to do what they're not supposed to be doing with shared hosting, but I've found them very responsive and their one-click wordpress updates have always worked just fine for me.
If you look in their forums, I also made a short tutorial about installing awstats for a wordpress install instead of their default stats program, fyi.
Dreamhost is pretty nice, and you can use coupon codes and stuff to get it very cheap for a year. However, I do sometimes get load speed and database errors from people on my shared server doing stupid stuff. And I have had to put up with maybe a day or so worth of down time in the eight months since I...
... Man. Eight months? I can't believe I've been updating that long 0_o