The new variant from wordpress.net.in & qwetro.com used the “anonymous PHP create_function” to append their spam links on their victim's blog. Below is a quick patch to disable the mischievous “create_function” injection on wp_head.
Entries Tagged as ‘vulnerability’
Feb 17th, 2008 +0000 UTC
Statcounter Update.sh Workaround (ip2location Informations Leak)
Workaround for the statcounter update.sh ip2location information leak vulnerability: a simple htaccess to block logs and shell scripts from public view.
Jan 31st, 2008 +0000 UTC
Bluehost Hostmonster CEO Hacked Again
The Mattheaton.com WordPress blog was first hijacked 2 months ago, on 26 November 2007. This is the third time it got hacked. It’s a big embarrassment for Bluehost & Hostmonster hosting to have their CEO’s blog being spamride every year. Matt is still using WordPress 2.3.1 ATM; hopefully he can get his WordPress upgraded as soon as possible and fix all his mess.
