There are a few things I’ve done in the interest of making it take a few seconds longer to trash the site. First, I turned off all of the fancy-ass, trackback, social media bullshit. That’s fine. No one was using that and it shouldn’t be on by default anyway (seriously, wtf). Sadly, the second thing I’ve done is disable comments. I’m not sure, but I have reason to believe that the comment system was the source of the compromise last time. I certainly found a bunch of unpleasant looking stuff in the error logs that was directed at the comment portal. Of course, it’s equally likely the admin account was brute-forced so I guess there’s that too. I’ve resolved to keep better backups (once again) and I’ve read a few hopeful things about how to make it harder to knock this over but I’ve also kind of resigned myself to the idea that I’m going to have to do this again and I’ve taken some steps to make that easier as well.
I ought to keep a counter of how long this stays unmolested. Anyway, if you want to get my attention about something and don’t already know how, you can send mail to the admin address or whatever. Sorry.