March 2010
March 14, 2010 – Sermon: Aaron West
March 7, 2010 – Sermon: Gene Cornett
Add comment March 8th, 2010
Posts filed under 'Media'
February 2010
February 21, 2010 – Sermon: Gene Cornett
February 7, 2010 – Sermon: Aaron West
Add comment February 7th, 2010
January 2010
January 24, 2010 – Sermon: Gene Cornett
January 17, 2010 – Sermon: Series: Seeking Him Part 1: Renewal of the Heart, Jeremiah 3:19-4:4, Gene Cornett
January 3, 2010 – Sermon: Gene Cornett
Add comment January 3rd, 2010
December 2009
December 27, 2009 – Sermon: TJ Woodfin
December 13, 2009 – Sermon: TJ Woodfin
December 6, 2009 – Sermon: Gene Cornett
Add comment December 9th, 2009
Removing Old Sermons
It’s that time of year again – we will be removing last year’s (2008) sermons from the web server to free up about 1GB of space. This will be done no later than December 13, so get them while you can!
Add comment November 25th, 2009
November 2009
November 29, 2009 – Sermon: Gene Cornett
November 22, 2009 – Sermon: Gene Cornett
November 15, 2009 – Sermon: Aaron West
November 8, 2009 – Sermon: Aaron West
November 1, 2009 – Sermon: David Bounds
Add comment November 1st, 2009
October 2009
October 25, 2009 – Sermon: David Bounds
October 18, 2009 – Sermon: Dr. Jeff Ginn
October 11, 2009 – Sermon: Gene Cornett
October 4, 2009 – Sermon: Aaron West
Add comment October 4th, 2009
September 2009
September 27, 2009 – Sermon: Aaron West
September 20, 2009 – Sermon: Gene Cornett
September 6, 2009 – Sermon: Gene Cornett
Add comment September 10th, 2009
The Blog and ‘Attack Site’ Issue…
Web design and implementation can be a funny thing. You may have noticed the theme has changed on our blog – there is a reason for that! Many use Internet Explorer as their browser of choice and never noticed any issue with the blog, but for those that used Safari, Chrome or Firefox the last couple of days were not good days to visit the blog. But I digress – let’s look at the technical issues.
On 8/14 yours truly visited this blog in the morning to review statistics. All was well. Later that day, I visited again and was greeted with the page that stated the site was a reported attack site. Perplexed, I needed to get this taken care of! Here’s some information found for individuals using Firefox about this page (and this great feature in this browser):
Malware is software designed to harm your computer or steal your personal information without your knowledge. Attack Sites are Web sites that try to infect your computer with malware when you visit. These attacks can be very difficult to detect; even a site that looks safe may be secretly trying to attack you. Attackers will often hack a site to turn it into an Attack Site, and sometimes the Web site’s owner won’t even know that this has happened. You can learn more about Attack Sites and malware from stopbadware.org, a partnership among academic institutions, technology industry leaders, and volunteers committed to protecting Internet users from threats to their privacy and security caused by bad software.
Well, I had seen the page before on other sites, never on one I managed. Time to dig in. First, we were not hacked. I keep the blog patched (upgraded Wordpress to 2.8.4 on 8/12/09). We moderate comments. We don’t have ads on the blog. Seems we’re doing the right things, but we have a problem.
I followed the instructions found in Google Webmaster Tools, reviewed what was found (a single page that pointed to an attack site) and started my hunt. I reviewed all comments, any posts with links, everything I knew to do to see if I could find the culprit – no luck.
I contacted the hosting company – and they are the best in my humble opinion – and connected with Richard Carter. Richard looked over the site and found the culprit – it was buried in our theme. We had that particular theme for 3 years now, and I have made no changes to it. The pages in question were dated in May of this year as to their last saved date. but obfuscated in those pages were a line of code that pointed to an attack site. Richard removed the offending lines of code and we were clean.
(As a side note, Richard also pointed me to WOT – Web of Trust – and I am now using this as a plug in for Firefox. You can use it in other browsers as well and I recommend giving it a whirl.)
Now I had work to do…since the theme we were using was older and not very popular (online, I liked it), it made sense just to change the theme. I also had to go back and let a couple of organizations know we believed the site was now ‘clean’ and ask them to review it to be removed from the list (so folks surfing didn’t see the same page I did).
I also got a couple of inquiries as to what was going on, but 2 didn’t seem like many with all the traffic the blog got over this period (so many folks are using Internet Explorer and were possibly exposed to security challenges from a third party site, I have not heard of any negative ramifications to date). My advise for Internet Explorer users, at a minimum install WOT so you get some indication that a site may be dangerous! The code in our site was dormant code that was not activated on our site but was activated by a third site on the 14th – and if this happened to us it happened to many others (and could happen to other sites at any given time).
So that is what was going on. Everything is fine now, but this may be of interest to some that noticed something odd over the last couple of days.
Timeline:
- 8/12 – standard security update applied
- 8/14 – noticed issue in the afternoon
- 8/15 – Had issue fixed thanks to hosting support at 7am
- 8/17 – Site back to normal with no warnings from browser and removed from attack site lists
1 comment August 17th, 2009
August 2009
August 30, 2009 – Sermon: Gene Cornett
August 9, 2009 – Sermon: Gene Cornett
August 2, 2009 – Sermon: Jack Duffer
Add comment August 9th, 2009