Another weapon against WordPress Theme hacking

I was trying out the new Safari 4 Beta when I discovered that my site was being considered armed and dangerous. At first, I thought it was Google down again, but I wouldn’t think they can make the same mistake twice like that. After I read their report I figured maybe it was because I’m hosted at DreamHost and my server IP address is shared with other malicious sites. I posted on Twitter and Ben Hyde suggested I checked on #dreamhost on freenode for a possible answer and I’m glad I did. A guy asks for my URL, checks it and asks whether I meant for a hidden iframe at the bottom of my page to some shady domain. Bingo! I’ve been compromised again. This simply sucks.

Fool me once, shame on me and you can ask Bush for the rest, but the first thing that came to mind was to write a cron job that saves a hash of my template files, checks it daily and mails me whenever it changes. And don’t worry, I was thinking of you too, WordPress-using reader. So I wrote the function as a WordPress plugin so others can benefit from it, until the spammers catch up with it. It’s very simple and to the point, but I made sure it was as hands-off as possible.

Instructions
  • Make sure your WordPress installation and template are safe.
  • Download the code to your WP plugins folder and rename the file extension to .php
  • Activate the plugin.
  • That’s pretty much it.

The first time it runs it will compute a signature based on your template files’ content. Then, once a day, it will check that the content hasn’t changed. If your theme gets hacked and the contents of your files change, my plugin will discover that and mail you immediately. In fact, it will continue emailing you every day until you fix it. Additionally, it’ll show you a nice notice in your admin panel to warn you that someone changed your theme. If you want to reset the warning, simply deactivate/activate the plugin to start fresh.
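As an added example (not the plugin from this post), here is a minimal WordPress plugin that does what the paragraph above describes: on activation it stores a signature of the active theme's files, a daily WP-Cron event recomputes it and compares, a mismatch mails the admin address and sets a flag that drives an admin notice, and deactivation clears everything so that deactivate/activate resets the baseline. The option and hook names (`tic_*`) are made up for this example; all WordPress functions used are standard API.

```php
<?php
/*
Plugin Name: Theme Integrity Check (example)
Description: Hashes the active theme's files once a day and emails the admin if anything changed.
*/

if ( ! defined( 'ABSPATH' ) ) {
    exit; // only run inside WordPress
}

// Option and cron hook names: hypothetical, chosen for this example.
define( 'TIC_OPTION', 'tic_theme_signature' ); // stored baseline hash
define( 'TIC_FLAG',   'tic_theme_changed' );   // set when a mismatch was found
define( 'TIC_HOOK',   'tic_daily_check' );     // WP-Cron hook name

// Collect every file under the child theme and (if different) the parent theme.
function tic_theme_files() {
    $dirs  = array_unique( array( get_stylesheet_directory(), get_template_directory() ) );
    $files = array();
    foreach ( $dirs as $dir ) {
        $it = new RecursiveIteratorIterator(
            new RecursiveDirectoryIterator( $dir, FilesystemIterator::SKIP_DOTS )
        );
        foreach ( $it as $file ) {
            if ( $file->isFile() ) {
                $files[] = $file->getPathname();
            }
        }
    }
    sort( $files ); // deterministic order so the signature is stable
    return $files;
}

// One SHA-256 over every file's relative path and content hash. Including the
// path means added, removed or renamed files change the signature too.
function tic_compute_signature() {
    $root = dirname( get_template_directory() );
    $ctx  = hash_init( 'sha256' );
    foreach ( tic_theme_files() as $path ) {
        hash_update( $ctx, substr( $path, strlen( $root ) ) . "\0" );
        hash_update( $ctx, hash_file( 'sha256', $path ) . "\0" );
    }
    return hash_final( $ctx );
}

// Activation: store the baseline and schedule the daily check.
function tic_activate() {
    update_option( TIC_OPTION, tic_compute_signature() );
    delete_option( TIC_FLAG );
    if ( ! wp_next_scheduled( TIC_HOOK ) ) {
        wp_schedule_event( time(), 'daily', TIC_HOOK );
    }
}
register_activation_hook( __FILE__, 'tic_activate' );

// Deactivation: drop the schedule and the stored data, so re-activating starts fresh.
function tic_deactivate() {
    wp_clear_scheduled_hook( TIC_HOOK );
    delete_option( TIC_OPTION );
    delete_option( TIC_FLAG );
}
register_deactivation_hook( __FILE__, 'tic_deactivate' );

// Daily check: the baseline is never overwritten here, so the mail repeats
// every day until the admin resets it by deactivating/reactivating.
function tic_daily_check() {
    $expected = get_option( TIC_OPTION );
    if ( false === $expected ) {
        return; // no baseline stored yet
    }
    if ( tic_compute_signature() === $expected ) {
        delete_option( TIC_FLAG );
        return;
    }
    update_option( TIC_FLAG, current_time( 'mysql' ) );
    wp_mail(
        get_option( 'admin_email' ),
        '[' . get_bloginfo( 'name' ) . '] Theme files changed',
        "The files of your active theme no longer match the stored signature.\n"
        . 'Theme directory: ' . get_stylesheet_directory() . "\n"
        . 'Inspect the theme for injected code, then deactivate and reactivate the plugin to store a new baseline.'
    );
}
add_action( TIC_HOOK, 'tic_daily_check' );

// Admin notice while the flag is set.
function tic_admin_notice() {
    $since = get_option( TIC_FLAG );
    if ( $since && current_user_can( 'manage_options' ) ) {
        echo '<div class="error"><p>Theme files changed since ' . esc_html( $since )
            . '. Check your theme for code you did not put there.</p></div>';
    }
}
add_action( 'admin_notices', 'tic_admin_notice' );
```

One caveat worth knowing: the baseline lives in the `wp_options` table, so an intrusion that reaches the database (or a plugin running with the same privileges) can overwrite it along with the theme. A hash list kept outside the web root and compared by a host-side cron job, as first considered above, does not share that weakness, and WP-Cron only fires on page views, so on a quiet site the "daily" check can lag.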

I must say that as much as I hate having to figure out how WordPress works in its entirety every time I write one of these, the end result is short, sweet and very powerful.
