My Support forum was just hacked by SeaNPauL of RootingAttack.Net

The forum is powered by SMF 1.1RC3. The Settings.php had write permissions and the contents of this file were modified.

I’ve replaced the file with my backup and have removed write permissions from each and every file. I don’t think any data has been lost.

Also removed write permissions from files in all my websites.

I’m really shocked to see this hack. Does this mean that any file with write permissions is vulnerable? Or is it only SMF?

This is the first time I’ve been hacked. Has been a learning experience, though I really need to learn a lot more here.

Thanks to Thilak for finding out that my site was hacked and informing of the same.

I have faced a good deal of problem with sploggers.

While I had one who just stole every post of mine, another kept picking up all my posts because it had the content “copyright”!
And that is because my feeds include a copyright notice.

Owen has released a new plugin title AntiLeech which helps fight sploggers.

AntiLeech does not prevent the splogger bots from accessing your site. It produces a fake set of content especially for them that includes links back to your site (and mine, too, ok?) and sends it only to them. When they steal this content, it appears online just like normal, except now you’ve turned the tables on them and have provided them with useless content.

Read more and download the plugin »

While checking the Whois of my domains, a whois for this blog revealed a link from AboutUs.org.

I have mixed feelings about this one.

Here is why:

For those who are not aware, AboutUs.org is a wiki which hopes to capture information of all the domains in the world. I believe this “capturing” is done by a bot which gathers information about the domain from the site, its whois, alexa, technorati and possibly other places.

It seems rather good to have your website on a website whos popularity is rising sharply (the last week Alexa rank is around 4000)
However, doesn’t it also appear to be a breach of privacy, copyrights and more?

Copyright Infringement:

Text from you site is scraped by the bot and displayed on the wiki.
Text from my about page has been copied as is. If the text on your site is copyrighted (which is the case of many blogs today), then AboutUs.org directly infringes your copyright!

Privacy:

Your contact information is made public. My email address was publically visible (via a graphic). I also noticed that the entire contact information, including my phone number was visible for another of my sites. They have a page on how to protect your email address, but why does it get listed in the first place?

While many may debate that all this information was anyway available via a simple whois, I am of the opinion that I have willingly submitted my information while registering my domain. I have not submitted the information to AboutUs.org and hence it is not correct for them to display this information publically.
A private domain registration can protect your information, but it comes at an additional cost.

Freely Edittable Information:

AboutUs is a wiki. As a result anybody can edit / delete the information of your website. This means that you will have to continuously track your website details to ensure that nobody has put any false data about your website.
What is even worse is that you can edit the information without even signing up! :O
That means you can use a good proxy server, edit an article and not bother about being tracked for any incorrect changes!

Ray King’s (the man behind AboutUs) User Talk already has a few angry comments, and I am sure these will just increase with time.

What to do about it?

As of now, there isn’t any way to delete your website from the listing.

So, the best thing to do is create an account, login and edit the information of the pages. Remove all contact information that you don’t like.
I also suggest adding your other websites, which aren’t already listed and editting their information.
This will ensure that your contact information doesn’t suddenly turn up because the bot, or someone else decides to add your site.

Do tell me what are your opinions on this issue? Do you agree with the concept of AboutUs.org? Or are you against it? Or do you think we should just not bother?

Have you dugg this post?

Update 1: View Ray’s Reply

Update 2: You can now use robots.txt to block the bot (Thanks Daniel)

Add the following code to your robots.txt files. Read more about the AboutUsBot.

User-agent: AboutUsBot
Disallow: /

Update 3: Rays efforts are being appreciated. View Tazzy and Piggy’s Comments.