This WordPress blog was hacked the second time!

Yes, I found it out today and I have just fixed it!

During the process I found I had another case of SQL injection as two new users (admin level) were added. Besides plugins I suspects the uploads folder might be the most likely place the hacker used because its permission is set to 777 by default — 777 permission for a folder or file means anyone can read, write or execute the file or files in a particular folder. If you do not use WordPress’s built-in feature to upload images, change it to 744 and add these two lines to your wp-config.php file:

define(‘FS_CHMOD_DIR’, (0755 & ~ umask()));
define(‘FS_CHMOD_FILE’, (0644 & ~ umask()));

Another thing I have learned for the wp-config.php file is the fresh security keys you can get at – BTW, it is the first thing you should do by replacing the old keys with new ones so that the hacker cannot login using a saved cookie on his side.

Note the address is, not – the latter only gives you a four-line while the former gives a total of eight lines of keys.

I have done several other things to tighten up the securities for this site which I cannot reveal all. Just search the internet for the measures yourself. Be selective for what themes or plugins you use – they are free for a reason.


How I restored my WordPress blog hacked by the Tunisian Hacker

I was shocked to find this afternoon that this blog was hacked! The home page was displaying the following lines with rock music playing in the background:

Im Not Afraid , Because I’am Tunisian HaCKeR
Facebook ID :
Greetz to : Mohamed 0wNeR & All TuNiSiEN
Hotmail ID :

I spent a few hours trying to get it restored and I am reporting here what the hacker did to my blog and how I fixed the problem – hope it helps you restore your blog to normal too.

As soon as I found about this problem, I tried to change my admin login password but only to find that I could not do that! I did use the blog’s built-in feature to send me a link so that I could click and reset the password. For this I received all the emails I requested but whenever I tried to enter a new password to reset it, the blog gave me a “page not found” error. So basically I could not login as admin by resetting the password.

Then I downloaded a copy of wp-config.php to my computer via FTP and then changed the Authentication Unique Keys in it using the secret-key service located here – I learned from Googling that this will disable the cache and cookie on the hacker’s side immediately. This is the first thing that I should have done in the first place.

Having done that, I logged into my site’s cPanel and checked a few things around. What I found using phpMyAdmin in the MySQL database was that the hacker had added himself (ramzi) as a admin and changed me, the real admin, to a status that had a value of 0 for “user_status”!

I immediately removed this user from phpMyAdmin. After searching for user’s post by “ramzi”, I found none which means the hacker did not add any posts to the blog. Nevertheless, removing the hacker admin account did not solve the problem – the homepage still displayed his hacker page!

Then I suspected that the hacker must have done something to the theme files. So I removed the themes folder completely and then downloaded the theme file fresh and uploaded to the server – that fixed the hacked homepage!

By then only one problem remained – I could not log in as admin at all! Changing the value for “user_status” from 0 to 1 via phpMyAdmin did not help at all.

Initially I thought the hacker had tampered with files in the wp-admin folder. So I removed the wp-admin folder completely and then uploaded fresh content for that folder out of the newly downloaded WordPress zip file – no, that did not solve the problem and I still could not login.

Then I searched and found this page that really helped me to reset my admin login password using phpMyAdmin – please click the link and read the detailed instructions there.

Is your WordPress hacked in a similar fashion? Hope that you can get it fixed and I would like to hear from you how you did it.


Linux Mint 11 is much better than 10

I have upgraded all the computers that are under my control in the house to Linux Mint 11 (Katya)! I must say that it is much better than Linux Mint 10.

It runs very fast and very stable. If you have not upgraded it yet, you should. You will love it too.

New features at a glance:

For a complete overview and to see screenshots of the new features, visit: “What’s new in Linux Mint 11“.


Get Google Earth Installed and Run in Linux Mint Debian Edition (LMDE)

get Google Earth run in Linux Mint Debian Edition - LMDEAs indicated in my earlier post here, Linux Mint Debian Edition (LMDE) runs much faster than Ubuntu and any other version of Linux Mint. I really really like it. However, one thing had frustrated me for almost a week: I could not get Google Earth installed and run in LMDE.

Well, later on we found that Google Earth was indeed installed but it crashed immediately after being started. I literally tried all the installation methods I could find over the internet. I even sent the Google Earth crash report to Google. None helped me solve this problem. Then I saw someone on the Linux Mint forum mentioned about the 3D GLX Renderer issue – Google Earth needs a 3D video driver to display things properly. The command to see if the GLX Renderer is working is this command on the Linux terminal:

inxi -G

My output before Google Earth was working was this:

Graphics: Card ATI RS480 [Radeon Xpress 200G Series] X.Org 1.7.7 Res: 1360×768@60.0hz
GLX Renderer N/A GLX Version N/A

So this means that the GLX Renderer is not working at all. This is why I could not run Google Earth on LMDE and why it crashed right away after being started. THE SOLUTION?

Very simple… just use Synapitc to install a package called “libgl1-mesa-dri” – just that, nothing more! Remember to reboot your machine after installing “libgl1-mesa-dri”

If you have not installed Google Earth at all, install the “libgl1-mesa-dri” package first using Synaptic and then use the following commands to install Google Earth:

sudo apt-get install googleearth-package
sudo make-googleearth-package --force
ls (see see the exact filename for the .deb file created)
sudo dpkg -i --force-architecture googleearth_x.x.xxxx.xxxx.deb (use the exact filename)
googleearth (if you see it running, then success!)

Viola! Google Earth should run in LMDE without any problem 🙂


Linux Mint Debian Edition (LMDE) Runs Much Faster Than Ubuntu!

On the home computer that I personally use the most (HP Pavilion). I used to install and run Ubuntu Studio for a year or so. However, I find that Ubuntu was resource hungry on this machine as sometimes I heard the CPU high speed fan kicked on when the CPU usage is very high (it is a three-core machine). After I upgraded to Ubuntu 10.10 beta, it got even worse.

So I switched to Linux Mint 9 which runs pretty well on several other computers in our house and business. It helped a lot after this switch.

But then I heard about this Linux Mint Debian Edition (LMDE) that people love and talk a lot about. Besides the advantage of installing once for all and upgrading in the rolling fashion, most people say it runs much faster than Linux Mint 9 which is based on Ubuntu. Having heard so many comments about it, I decided to give LMDE a try even though it is the first and a rough version rushed by the Linux Mint team.

You know what?

The install went smoothly (luckily I know how to use GParted) and indeed this system runs extremely fast – faster than any version of Ubuntu out there and even faster than Linux Mint 9! Now my HP Pavilion CPU fan does not need to be kicked on and the machine is quite and happy running LMDE 🙂

I highly recommend Linux Mint Debian Edition. Click here to learn more about this linux operating system and download the live DVD ISO file. If you think the comments on the previous link are too many, click here to check this consolidated LMDE feedback and reviews.

Note 1: If you plan to use a language other than English as another locale, I suggest that you do that after install using the default English language because the installer may not install the fonts for any languages other than English. You need to use Synaptic and search for “your language” afterward to install fonts needed. To set the default language locale, you have to use the terminal to do it. Issue this command “dpkg-reconfigure locales” to start the process (remember, it is not Ubuntu anymore; it is a real Debian environment) and then select the locale(s) you want to generate. At the very end, you’ll be asked to pick which language to be the default. If you like me, do not know how to select a language listed after running the “dpkg-reconfigure locales“, then you type this “sudo gedit /etc/locale.gen” in terminal to open the file and comment out the languages you to have. After saving the change(s), use “sudo locale-gen” to let LMDE to generate those locales. Reboot and you should be able to read files and web pages in those languages. If you want to be able to input in any language(s) other than English, you have to use Synaptic to install your favorite input platform and methods.

Note 2: I do find one thing I cannot do in LMDE which can be done in Ubuntu and Linux Mint 9 (or lower versions). That is to assign this computer to a fixed and static IP. As our Telus Gigaset SE567 router does not allow me to assign IPs to all the network computers from the router admin area, I have to find a way to do it from within LMDE. I have tried to edit the file “/etc/network/interfaces” just like in the cases of Ubuntu and Linux Mint 9, but this did not work. I have tried to manually set the IPv4 Settings via the “Edit Connections…” link on the right-click menu of Network Manager, still no luck – I could set an fixed IP but then I lost the internet connections. If any of you know how to do it, please let me know by adding the solutions to the comment area below. Thanks!

How to set up a fixed IP for your computer running Linux Mint Debian (LMDE)Good News! Got the static IP set up after reading this thread on Linux Mint Forums. Basically I forgot to enter an IP (same of the gateway IP) in the field of “DNS Servers” for the Manual IPv4 Settings.

Anyway, right-clicking on Network Manager to “Edit Connections…” is certainly the easiest and simplest way to assign a fixed IP to your computer! See the screenshot for this simple step. BTW, after you make the changes, you should use this terminal command “sudo /etc/init.d/network-manager restart” to reset the network. The “sudo /etc/init.d/networking restart” command does not work for LMDE as it is for Ubuntu and Linux Mint 9.

Installing applications using the .deb files are not straight forward as in Ubuntu or Linux Mint 9. You have to install the gdebi utility using Synaptic and then issue the terminal command “sudo gdebi whatever_file.deb” – I used this method to install Skype for Debian Lenny although my LMDE Debian version is in fact Squeeze. Someone called “tomac” shared the following to make edebi open all files that end with .deb:

As for gdebi, you can set up nautilus in such way that double clicking on .deb file will open it in gdebi, just like in Ubuntu. After having gdebi installed, right-click on some .deb file, then click Properties -> Open With tab -> and from application list select gdebi, then Ok.

Now I am facing the next challenge if not the last one, that is to install Google Earth in LMDE. I tried a few approaches found by googling around but all failed. I did get it installed but it crashes whenever I start it. If you know how to do it, let me know by using the comment area. Thanks!


Ubuntu 10.04 About to be Released

The newest version of Ubuntu (Lucid Lynx 10.04) has been set to be released on April 29, 2010. Beta 1 is now available for testing. Beside better look (they will switch from the former default Human theme to Ambient theme) than 9.10, the new version is making big improvements in the following areas…

  • Even faster booting and shutting down – the full removal of HAL from the boot process makes Ubuntu faster to boot and faster to resume from suspend. Moreover, multiple changes to look, feel and speed of the boot experience have been included in the Ubuntu 10.04
  • If you experienced a blank screen when trying to install Ubuntu in the past, you will not this time as the Nouveau video driver is now the default for nVidia hardware. This driver provides kernel mode setting, which will give improved resolution detection during Ubuntu installation. Moreover, three different NVIDIA proprietary drivers – nvidia-current (190.53), nvidia-173 and nvidia-96 – can be installed all at the same time although only one can be used at a time
  • Music store added. Now millions of songs can be purchased from the Ubuntu desktop, integrated with the Rhythmbox Music Player and using Ubuntu One cloud storage for backup and easy sync.

We are testing Beta 1 right now and will update this entry if we find anything else to be worthy of updating.



Welcome to Ubuntu Linux Mint Community which was set up in the first month of 2010!

If you want to know why we build this online community, please click here to read the STORIES behind. If you are testing or using the Ubuntu linux desktop system to replace your Mac, Windows XP, Vista or 7 system and you need help, please click here go to our FORUM.