The last time I wrote about a hacked site, it was using a redirect that sent some users to a different site. This kind of hack is pretty common (even though it’s usually not as complex as mentioned in that post), it leverages the sad fact (archive.org) that users are often easy to trick and not browsing with protection (or a current browser (archive.org)).
A different angle of attack is to redirect only search engine crawlers to a different site.
All of the websites I put together at the moment are used for playing around and testing things. It’s fun to set up a site, try some things out, delete it or just let it sit and then - usually much later - start over and try something else. The only problem is that by the time I am ready to start over, I have forgotten my password. I can find my user name, it’s in the FTP client and visible in my hosting control panel, but the password is not visible anywhere.
Warning: do not try the URLs here unless your system is locked down properly. I suggest using a “virual machine” (I use VMware) to test things like this. The hack itself is complicated, the system is simple - skip the complicated part if you’re in a hurry.
It all started with a posting (archive.org) like this:
When I do a google search for [Jonathan Wentworth Associates] the first result is: _Jonathan Wentworth Associates, LTD Welcome to Jonathan Wentworth Associates, a respected resource for world-class orchestral soloists, conductors, opera, chamber music, chamber orchestras, .