The site got hit by another malware attack recently. Well, I say ‘recently’ but I traced it back to January but it’s just that nobody noticed, not even me. Embarrassing.
The malware injected adverts into the website, both banner adverts and pop-ups.
I think I have cleared it now. This one seemed to be far less insidious than the last one, and I am cautiously optimistic here, but it is still pretty concerning as I have the site really locked down.
Somehow the attacker managed to make a successful login with the admin account, even though the password is cryptographically secure and unique to the site. They must have used some kind of exploit whereby they tricked the server into telling them the password. I have mitigated this by configuring the web server so it only allows access to the admin area from the IP address of my desktop PC. It means I can’t administer the site from my phone any more, but that’s a minor price to pay.
Anyway, if you ever see adverts on this site then let me know, because it means the site has been hacked again.