Disinfecting the Doc…

We here at Doc Gurley were more than a tad bit dismayed to find a stinky lump of programming coal in our Christmas stocking. It

Surface of the sun
Image by kevindooley via Flickr

appears that someone inserted a tiny amount of pustulant code on our site on October 28. This bit of bytes silently festered until Christmas Eve. Like a Grinch, a SQL injection attack (yes, that is the actual name for it, to which I can only reply, ouch) attempted to steal our Homeless Gift Guide good cheer by prompting Google to paste all over the Internet extremely alarming warnings about what might happen to you if you visited DocGurley.com (I personally saw warnings about penile explosions, knee palpitations, and the remote possibility of a terminal case of hair halitosis). So what does this mean to the occasional (or, hopefully, frequent) Doc Gurley visitor? Luckily, for you, this scrofulous boil of code means absolutely nothing, other than an annoying alarm message from Google (who thankfully alerted us, and many other sites to this issue). For me,  besides a full-scale tech-heart-attack, I have lost traffic, especially those disheartened visitors who may never return. In addition, the code actually was trying to alter my Google traffic reports. There are at least two reasons why it would do this. The first is possibly as a way to set up a “bot-net” (don’t ask me – I thought this word sounds like a new fluffy wand for catching butterflies). The second reason to alter Google traffic reports is to inflate numbers for another site in order to get more ad revenue. The nice news is that there was no “virus” as most of us think of them – any visitors who came to DocGurley should be perfectly fine.

Bottom line – whew.  Gone, no harm, no foul (well, except for that lingering stench that a good tech incision and drainage leaves behind…). So if you are a fun-of-the-mill health blogger, can this happen to you? Unfortunately, yes. Even if you, like me, update your WordPress regularly (VERY important), and use great anti-virus software. If you want to know more about how to find the pus-pocket of bytes once you know it exists, all I can say is, from what I saw, it takes a lot of molecular-level code-scanning and knowing exactly what code you’re looking at. Then, when you find it, the entire site has to be saved, then altered, then re-built. After that, you let Google know you’ve deleted the abscess, and wait for the official all-clear so the warning flags can be removed. And (this is a crucial point here) you need someone who’ll do this detailed, exhausting (and unpaid) work on Christmas Day while you are busy having hysterics in the bathroom. Perhaps someone like, for example, a husband. Hey – it’s good to know we’re starting the New Year all fresh, starched and sterilized here at Doc Gurley headquarters!

Were you a victim of a SQL injection attack yourself? How did you find out you had one – did you get a discharge? A lingering odor? Or did Google go all “partner-notification” on you too?

Reblog this post [with Zemanta]

Comments are closed.