So this morning, a member of a mailing list I belong to pointed out to me that a Web site had reprinted an essay from my BDSM Web page without attribution.
At about 10:40 this morning, I started to write a polite email to the owner of that Web site asking him to attribute any of the material he uses from my Web site.
At about 10:44, I went to my BDSM page to copy the exact URL of the essay the other site owner had “borrowed” without permission. When I went to the BDSM page, an alert dialog popped up that just said “2”.
At 10:46, I reuploaded the page.
We went back and forth for quite while after that. Somehow, I don’t know how, he’d gained sufficient access to be able to change the httpd path and was trying, I believe, to install a hostile drive-by downloader script on my site. I successfully prevented him from doing so, and closed the holes as fast as he was opening them.
At about 11:15, I closed the injection vulnerabilities in the guestbook and reuploaded it. By 11:20, the attack was over, and I had re-uploaded a clean copy of the affected pages.
My heart is still pounding. It’s like PvP in World of Warcraft, only with higher stakes.
I didn’t keep a copy of the pages he was modifying, and I’m kicking myself for that now. In hindsight, I should have, but at the time the only thing I wanted to do was undo his changes faster than he could make them.