Machina Memorialis was hacked in the past few days so that all the .php files had an additional line of code added to redirect traffic to a Russian site. Everything’s cleaned up and there’s a snazzy new theme to boot. The code, inserted in the first line of each .php file, begins with the code php /**/ eval(base64_decode("

I thought I’d share some useful resources which helped me get the blog back to normal with a minimum of pain. First, this YouTube video helped me diagnose my problem.
You need to a flashplayer enabled browser to view this YouTube video

Simple enough, but I was looking at the prospect of having to manually fix each and every .php file. Hoping for a better solution, I posted the situation to Facebook and George Williams provided a link to the blog post “Possible fixes for recent WordPress hack,”which provides links to Sucuri.net’s post that includes an easy to install and run .php script that will clean up your code. I recommend starting with the link Williams gave me first as it includes some additional useful information.

Update: Bradley Dilger has also provided me with a link to WordPress.org’s article “Hardening WordPress,” which explains how to make your blog more secure.