Yes, the rumors are true, something happened to my site. I got “hacked” or “defaced” or whatever they call it now. I’m still not sure where the security breach was because I’m using the latest version of WordPress, and I trust the guy who made the Guestblock. The only thing I’m wary about is my email form (that I have since disabled), since I just used a PHP script provided online by somebody who I don’t think even provides it anymore. I’m not sure if it had form field vaildation performed at any stage (in retrospect, it was stupid to use it if I didn’t know for sure) so I’m figuring that’s where it was.
I do run some other things like PHPquotes and PHPcurrently on my site, but those are password protected, so I don’t think it’s that either.
Anyway, I re-uploaded my index page (that’s the only page that got messed with, as far as I know) and things seem to be running okay.
The last time this happened, it was done by somebody else and I think they got in by using my crappy guestbook. *sigh* Should I send an email to my server people? I doubt it’s their fault, but maybe they could tell me what to do.
I am so infinitely glad that this wasn’t a “Mass Defacement” where they replace every single index page on your site with their weird message. It wouldn’t be as devastating this time around, just because I really don’t have any subdomains anymore, but it’d still be a pain in the ass.
To conclude, I apologize for being an idiot and using an email script that had questionable form field validation. I shall now go memorize Jem’s tutorial about email forms.