So I'm using this Pligg install as one of my Dreamhost installs. Its not really a big deal, it doesn't really have any traffic or revenue to speak of so I kind of left it at a lower priority.
Anyway, two weeks ago I get the email from Pligg saying a new security release is being pushed but I figure I can procrastinate a few extra days before messing with the upgrade. I was using a template I liked, but it was written for a very old version and it takes a lot of manipulation to make it work with every upgrade.
So here's what happened:
-Someone sets up the AutoPligg script targeting my site. Every five or ten minutes a new member signs up. Every five to ten minutes new members are leaving automated links to "bad neighborhood" sites.
Fine - I decide to handle it manually at first, deleting all the comments through the admin panel of the site.
I go to bed and wake up, and everything is spammed up again. I go to admin, click on comment administration - and BOOM! I'm redirected to someone's affiliate link store-front.
I check the PHP files - nothing out of the ordinary that I can find. I check the Google - no advice can be found on this particular attack.
Long story short, I end up having to delete every single file, the database, the template I had somewhat kept up to date, and completely start over.
Here's what I learned: In the world of website software, 10 days is way too long to wait for a security release. I thought working out the tweaks potentially involved in the Dreamhost one-click updates would be too much effort, and it ended up being nothing compared to rebuilding the entire site from scratch again.
Ok. That's my rant.
I feel better because I got the recovery done and maybe one of you can read this and be reminded to go check up your software installs before you are forced to completely delete and re-install.
my obligatory dreamhost coupon