Each morning I check all of my websites. I found the easiest way is to use the tabbed interface of Firefox. I open all of the sites and then tell Firefox to use the current pages as my home page. The next time I start Firefox it automagically loads each page in a new tab. On Saturday I was surprised and shocked to find one of my sites had been defaced. Instead of my normal drab page I found a semi-nude female and some sort of political announcement. After the initial shock wore off I was kind of bemused. The site is a low traffic site so in a wierd way I was surprised they chose my site. Well, after going through shock, bemusement, and surprise I got down to business and started changing passwords, changing the home page back to the original, and checking for any other changed files.<\/p>\n
My host provider provides daily, weekly, and monthly backups. Now that I had a problem I started looking closely at all of the administrative type problems I had been ignoring. Some of the problems I noticed were:<\/p>\n
The second problem led me astray with the first problem for a while. I fixed the second problem by using Cygwin and gunzip to expand the file without error messages. I eventually found out that this is not unusual and can be ignored. Assured I was using a good backup I used Winzip to sort the files in the backup based on file size. I quickly found the culprit, Spamassassin’s autowhitelist. It was 45 MB. From there it was not hard to find out that the backup also included files I had deleted. It is nice to know they are there but it is a pain when you are anxious for the download to complete.<\/p>\n
After a little playing around I found a way to pull out only the web site directories. I pulled out the directory tree for the weekly backup and then created a md5 digest for the files in that tree. I repeated this process with a daily backup and compared the digest to the new tree. I found only a few changes and I could explain all of them. Whew!<\/p>\n
Okay, here’s the roll call of utilities that helped me. Although I used Cygwin’s utilities and Winzip to figure things out, I found that the command line version of 7-zip<\/a> is a faster and more convenient solution. I never did figure out a convenient way to extract just one directory from a tar file with Winzip. I ended up creating shell scripts for Cygwin and a bat file for Windows so I will not have to reinvent the wheel next time. Although I did work briefly with Fsum and it maybe faster, md5summer<\/a> is the more convenient solution of creating and comparing md5 digests. For those who are curious, it takes about six minutes for my P3-700 to calculate the md5 digest(638K) of the directory tree.<\/p>\n","protected":false},"excerpt":{"rendered":" Each morning I check all of my websites. I found the easiest way is to use the tabbed interface of Firefox. I open all of the sites and then tell Firefox to use the current pages as my home page. The next time I start Firefox it automagically loads each page in a new tab. … Continue reading “Defaced web site”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5],"tags":[],"class_list":["post-234","post","type-post","status-publish","format-standard","hentry","category-linux"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p4iN3d-3M","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/comments?post=234"}],"version-history":[{"count":0,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/234\/revisions"}],"wp:attachment":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/media?parent=234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/categories?post=234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/tags?post=234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}