I think I might look for another blog application to use. A few days ago, this one was used by some script kiddies to deface my web site. I don’t usually look at my own index page, so I didn’t even know! I was looking at a web stats report and saw a strange referrer there. I decided to check it out, and found that my site was on a list of what they call “owned” sites. Actually, just because a php script vulnerability was exploited, it doesn’t mean the site was “owned.” What’s implied by that term is that root access was gained. That’s not the case in this situation. I have seen what can happen when that occurs, and it’s not pretty!
I got the security hole fixed, according to the author’s recommendation. I really have to say that I hate hackers and script kiddies. They’re nothing more than vandals. If they were as smart as they think they are, they’d be in business making money, not playing around, doing the cyber equivalent of scratching cars with keys in parking lots.