Day: September 19, 2007

Idiot breaks website; blames hackers. Film at 11.

So I’ve discovered the root cause of my site problems over the last few days.

As I host the site on my home PC, my IP address changes from time to time. I therefore use IP updating software from my domain registrar, DNSExit. That software worked just fine, and updated the domain IP just as it was configured to do. Unfortunately, a Russian spy sneaked in and mis-configured said software.

Based on my previous post, see if you can figure out what’s wrong with this configuration:

Screenshot of DNS Update configuration

As noted elsewhere, I did my best to fight off the spy, but the damage was already done, and in sneaky, nefarious fashion.

Either that, or I’m an idiot. I like the bit about the Russian spy, myself.

Computers don’t fix themselves, do they?

Over the last few days, something had gone horribly wrong with the site. I feel as if it’s been hacked, but I don’t find any evidence.

For some reason, Apache had stopped responding to the “www” hostname for a few days, which is why you’ve probably been unable to see the site (not that you tried). If you’d tried without the hostname (http://loonmagnet.net) you’d have seen the site minus images and style sheets. Then this morning, it suddenly started working again. What gives?

I’d been vaguely looking into the problem since I noticed the site stop responding on Saturday. It wasn’t until this morning that I actually figured out what was wrong. While I was writing a post about the problem, it suddenly went away. Later tonight I’ll try to figure out what went wrong and why.

The research I’ve already done turned up a bit of strange stuff in the access and error logs right before the site went down, but it mostly looks like the usual worms and botnet scans. There’s nothing definitive that looks like an attack succeeded. None of the usual scans of my machine have turned up anything amiss (Spybot, AVG, etc.); I reinstalled ZoneAlarm and I’m not seeing any unusual traffic . . .

Still.

I’m uncomfortable with the current state of affairs. The web server is running on my own personal PC (albeit under a dedicated user account with very limited privileges — at least I secured that much) and WordPress seems to have more than its fair share of vulnerabilities. It’s pretty easy to use, but I’m not really in love with it for any other reason.

I may find myself with an extra old PC lying around the house soon and should that come to pass, I think I’ll try installing Linux (DSL or FreeBSD are my likely choices) with Tomcat and move the site over to using Roller. Roller looks pretty full-featured, and has the added bonus of being Java-based (I know Java a lot better than I know PHP — also, PHP code is ugly).

Anyway, have fun out there. I’ll be having fun fighting with PCs on my end . . .