Anyone visiting the site in the last couple of days may have found that I appeared to have simultaneously developed a fanatical interest in middle eastern politics, and a very poor taste in music. Whilst it’s very convenient to have a simple to use blogging engine such as WordPress to use, I guess the downside is that you occasionally make yourself the target of automated attacks.
It’s not completely clear how the site was compromised – there’s only one admin account on the site with a pretty unusual password (now changed) which wasn’t recycled elsewhere so that seems an unlikely avenue of attack. Some kind of compromise within WordPress seems more likely. The site was running the most recent available update of WordPress available from my web host, but there was an additional point update which was available but not applied. I guess I need to learn my lesson and make sure it’s always running the latest release, even if that means doing the update myself.
Fortunately I had a full backup of the site to fall back on (whoever defaced the site also kindly deleted all of the existing content) so I was able to put everything back. I did however find that even if I didn’t have a backup that I could recover every post I’d ever written from google’s cache, so it’s very generous of them to provide such an efficient backup service for the whole internet.
Hopefully now that I’m completely up to date with my wordpress version there shouldn’t be any more problems on the site. Apologies for any inconvenience caused whilst the site was a mess.