If you visited yesterday, you might have seen a sign up saying that the site was fucked up. And it was. Here is what happened.
I had a number of CodeGrrl Scripts running on this domain, including PHPFanBase and Flinx. A while ago I found out that the PHPFanBase script has a vulnerability, but the awesome gals at CodeGrrl came up with a fix. I installed it and thought all was well until yesterday when I logged on to my domain and saw this:
Immediately I freaked out. I was able to log into WP and my CPanel, and I immediately changed my passwords. It seemed the offender had only placed a new index.html file in my root directory, so I deleted it. I found out on {DMB} that this was the result of the CodeGrrl vulnerability, but how could that be? I fixed that!
After a visit to the CodeGrrl Forums I found out that ALL of their scripts were vulnerable, and as yet there are no fixes. Well, as much as I like their scripts, I’m not going to expose my site to further attack, so I sadly decided to switch to another script I saw a lot of FLs using, Enthusiast. I’m so glad I did! It’s much more secure and also a lot lighter. Instead of having to re-install PHPFanBase every time I acquire a new FL, I only need to use the Control Panel to add the new FL. It’s so very nice. It will make my FLs a lot easier to manage as well.
I’m still waiting to convert my Flinx over to Enthusiast, but all of my owned FLs are already converted with little problems. Thanks so much Angela for Enthusiast!
After I installed Enthusiast, I noticed something else. All of a sudden my WordPress blog was displaying all janky and none of my themes worked. Also some of my posts were cut off mid-post. I was especially upset about this since the themes are such a bitch to fix. I had to go out though so I couldn’t fix it yet.
Luckily, before I installed Enthusiast I backed up all of my databases. This morning I decided to restore my WP database since the post symptom seemed to point to that. Lo and Behold, it worked! Everything is fine again and I’m so glad. 💡
Hopefully all of you out there using CodeGrrl scripts will be aware of their vulnerabilities now. It’s too bad though, I liked their scripts. Hopefully they get them fixed soon!
On my hosted site I don’t use CodeGrrl scripts but I’m sure the ones who do will be thankful for that warning…
I would have freaked out! I’m glad everything is well now!