Hardware failure and phishing attacks
After more than 1300 days of uninterrupted service, the good old PC that served the blog started to spontaneously reboot every 4 minutes or so. It looks like a hardware failure. I moved the site to a temporary machine. I am seriously considering renting a private virtual server and just forget about buying my own hardware in the future.
On top of that I discovered that evil forces planted a phishing attack on the blog about two weeks ago. The strategy was this:
- Create an account on my blog (I stupidly left registration open to everyone).
- Elevate account privileges to administrator by exploiting a WordPress security hole (I do not know which one).
- Upload evil files to the upload area.
- Direct phishing victims to the uploaded files.
So, keep your WordPress as closed as possible.