Smashing Goes Down On September 2nd: What Happened? | Events | Smashing Magazine


September 2nd was a sad day for Smashing Magazine. Late in the evening, we received an email from one of our readers, reporting that the data on our Web server may have been compromised. We have conducted a careful examination of the situation, and it turns out that someone attempted to infiltrate our main server and has indeed managed to manipulate some HTML data.

As soon as we discovered what happened, we took our WordPress-powered server offline to make sure that no harm would be done to our website’s visitors. As far as we know, no machine of any of our readers has been compromised. Our readers’ data is of the highest priority to us, and we didn’t want to take any risks.

Smashing Magazine went down around 7:00 pm CST on Tuesday, 2nd September 2009.

Once we turned off Smashing Magazine’s main server, we loaded a back-up with the new software on an external mirror server using Amazon’s EC2 Cloud. Loading the back-up, re-building the database and configuring the server to our needs took some time: our system administrator, Rene Schmidt, worked away at it all night.

The attack was “only” on our main blog server; our forum, job board, shop and RSS feed all run on separate servers, and the attackers didn’t gain access to any of them. And because our shop’s server does not store any credit card details or PayPal data, our customers’ private data could not be attacked. As we examined the problem, we kept our users updated through a makeshift maintenance page and our Twitter account, @smashingmag.

Smashing Magazine is now (almost) completely restored. In the process, we were prompted to update our software, and we have used this as an opportunity to improve the security of our servers and revise our server security requirements.

We don’t yet know exactly how this attack was carried out. Very likely, an outdated WordPress plug-in or old script allowed it to happen. We also don’t know what the main purpose of the attack was.

We express our sincere gratitude to everyone who has offered us help and to everyone who has supported us. We’ll do our best to keep the magazine alive and out of harm’s way in future.
