Day: September 19, 2007

Idiot breaks website; blames hackers. Film at 11.

So I’ve discovered the root cause of my site problems over the last few days.

As I host the site on my home PC, my IP address changes from time to time. I therefore use IP updating software from my domain registrar, DNSExit. That software worked just fine, and updated the domain IP just as it was configured to do. Unfortunately, a Russian spy sneaked in and mis-configured said software.

Based on my previous post, see if you can figure out what’s wrong with this configuration:

Screenshot of DNS Update configuration

Screenshot of DNS Update configuration

As noted elsewhere, I did my best to fight off the spy, but the damage was already done, and in sneaky, nefarious fashion.

Either that, or I’m an idiot. I like the bit about the Russian spy, myself.

Computers don’t fix themselves, do they?

Over the last few days, something had gone horribly wrong with the site. I feel as if it’s been hacked, but I don’t find any evidence.

For some reason, Apache had stopped responding to the “www” hostname for a few days, which is why you’ve probably been unable to see the site (not that you tried). If you’d tried without the hostname ( you’d have seen the site minus images and style sheets. Then this morning, it suddenly started working again. What gives?

I’d been vaguely looking into the problem since I noticed the site stop responding on Saturday. It wasn’t until this morning that I actually figured out what was wrong. While I was writing a post about the problem, it suddenly went away. Later tonight I’ll try to figure out what went wrong and why.

The research I’ve already done turned up a bit of strange stuff in the access and error logs right before the site went down, but it mostly looks like the usual worms and bot net scans. There’s nothing definitive that looks like an attack succeeded. None of the usual scans of my machine have turned up anything amiss (Spybot, AVG, etc.); Reinstalled ZoneAlarm and I’m not seeing any unusual traffic . . .


I’m uncomfortable with the current state of affairs. The web server is running on my own personal PC (albeit under a dedicated user account with very limited privileges — at least I secured that much) and WordPress seems to have more that its fair share of vulnerabilities. It’s pretty easy to use, but I’m not really in love with it for any other reason.

I may find myself with an extra old PC laying around the house soon and should that come to pass, I think I’ll try installing Linux (DSL or FreeBSD are my likely choices) with Tomcat and move the site over to using Roller. Roller looks pretty full-featured, and has the added bonus of being Java-based (I know Java a lot better than I know PHP — also, PHP code is ugly).

Anyway, have fun out there. I’ll be having fun fighting with PCs on my end . . .