Then I ran out and got fresh clean copies of WordPress and all my plugins. And on a complete whim I just nuked my old theme since I knew WordPress was giving me a clean copy of TwentyTen, and my old theme wasn’t widget aware.

I’ve done some minor customization involving grabbing a pretty tiling background from Webtreats, creating a header image to match using Illustrator and a font I like called Lady Rene, and making some minor CSS tweaks to the theme so that the navigation menu picks up the header image colors. I also re-added some sidebar items using widgets instead of editing the sidebar.php file like I had to do with my crusty but trusty old theme.

This isn’t really the look and feel I intend for my site yet, but it will suffice until I really get rolling on a new design. Meanwhile I’m learning that two other sites I maintain have the same evil hack in them (sigh), so I will have to devote some significant time tomorrow to fix them. And I also need to check and see if code has been injected into my database, but after almost deleting all my site files I am a little gunshy considering that it’s 1:25am and I’m even more tired and prone to errors than I was earlier. So the database check will wait until after I sleep.

I’ve been following guidance from Smackdown on cleaning up the hack. Next up will be Hardening WordPress. But between bouts of this unpleasant business there will be the fun of creating art for #ds106, and for that I’m grateful!

While under the hood I removed the laurel from a 2007 “first annual” film festival that has never been repeated and nixed the delicious.com badge. There is much more work to do, but I thank #ds106 for starting me on the road to recovery over here. I don’t want this site to to say I don’t care, but that’s what it’s been saying. I may not be able to get it the way I want it before I have to leave for a month in England, but I can at least get started.

Your server stats can alert you the myriad ways that bad people are trying to hack into your site and use it for their own purposes. Today’s example comes right out of my server statistics Failed Requests section.

Click image for legible version of the failure report.

My report shows multiple failed attempts to get two files, wordtube-button.php and wptable-button.php, by trolling through multiple plugin directories. It didn’t take long in the search engines to find that both files come from WordPress plugins by the same developer. I found that in older versions of his wordTube and wp-Table plugins, input passed to these two php files is not properly verified before being used to include files. New versions of these plugins that close this little security flaw are now available. So hackers are out there randomly hunting for people who have older versions of these plugins installed to exploit them and distribute who knows what.

I don’t even have these plugins installed! But that fact, plus the briefest scrutiny of what directories the failed requests were coming from was enough to spot the pattern and make me go “hmmmmm.”

Now if only there were a plugin that allowed me to send the people hunting for this exploit to hell, I’d be all set.

Watch your server stats, friends. There’s an awful lot of useful stuff in there. The Failed Reports section is often a great indicator of thwarted hacks and other funny business.

For documentation’s sake so I can find all this if I need it again, here’s what fixed it. I found XMLRPC Error with WordPress (SOLUTION) in the Dreamhost support forum. The post said to add this code block to your xmlrpc.php file:

if (phpversion()=="5.2.2") $GLOBALS['HTTP_RAW_POST_DATA'] =
file_get_contents("php://input");

I had already tried adding this, but to no avail. With or without it, my installation of WordPress was not taking posts from Flickr or Blip.tv. But the poster went on to add that the beginning of his xmlrpc.php file looked like this:

<?php

define ('XMLRPC_REQUEST', TRUE);

// Some browser-embedded clients send cookies. We don't want them.
$_COOKIE = array();

if (phpversion()=="5.2.2") $GLOBALS['HTTP_RAW_POST_DATA'] =
file_get_contents("php://input");

That’s when I realized that my own xmlrpc.php file did not have the

define ('XMLRPC_REQUEST', TRUE);

line. That was the key to the kingdom. Posting from Flickr and Blip.tv is working again for this bird. Hooray!

I updated the graphics and color scheme for What We Found by using the deadly Color Palette Generator at DeGraeve.com.

To use it, you give it the URL of any image on the web. Then you click the Color-Palette-ify button and it generates both a dull and vibrant palette for you by sampling colors from the image. It freaking rocks.

In my case, I gave it the URL of my own photograph, hosted on Flickr. But you can use any image you can find. So go find a beautiful picture, and generate your own color palette.

I’ve hurriedly launched this site so that I can get it functional as a podcast and vlog. I need to get some audio files out to friends new and old, and I need to be ready to upload files from the road … more on that later. I used to blog at hummingcrow.info, but chose not to renew the domain when the .info addresses became such a source of spam. Still online is my mother-daughter travelogue, dreaming down under, and my photo and graphics portfolio.

This particular site has yet to find its voice. My nickname, hummingcrow, comes from a juxtaposition of the joy I find in singing and the out-of-practice state of my voice. It’s a good metaphor for my life right now. I’m a little lost in the wilderness, so I speak with one squal voice.