Over the years, GBXM got a bit messy. I’ve tried cleaning it up, but after deciding to shut it down earlier this year, I stopped caring and gave up. (I was gonna pull the plug at the end of 2017.)
Eight months later, I’m firing up the presses and getting back to work, I turn the emails back on and publish something new. The first piece of new content since February.
And that’s when I get the malware alert from DreamHost. #facepalm
I don’t know why those files were publicly editable. I certainly didn’t configure them.
I audit admin users.
I change all admin passwords.
I change the DreamHost password.
I change all the MySQL DB user passwords.
And now I can’t FTP in.
I’ve tried every user I have.
I’ve tried FTP and FTPS.
I’ve tried all my clients.
Now the site is broken and won’t load.
And I can’t remove the malware, either.
15 hours later, message from support is essentially, “You are teh suck, no0b. Try again.”
At least I got the emails turned back off again.