Ramen Junkie

Purging WordPress .ico Malware… (Hopefully)

So, this is a hopefully, because it’s been a bit since I have done this, and things seem to be clean. So, there is a reasonably common bit of Malware out there that seems to affect WordPress sites, I say reasonably common, because in my time looking for a solution, I have come across a fair number of others with the issue, but no solutions. And I have tries several solutions. As of now, I have been a few months clean, and without hacky work-arounds. I’m going to attempt to run through what I did that held it at bay, and what seems to have finally managed to purge it, in hopes of helping others.

The Malware itself basically would occasionally redirect the blog domain to a spam website. I say occasionally, because it’s not all the time, and with enough anti-advertising stuff in your browser, you may never see it happen. I have personally, never once seen it happen, on any of the sites I run on this web space. I first found it was infected because occasionally, my wife would mention that someone she had linked her blog to, was getting sent to a spam website. Initially I thought maybe someone was mistyping the domain along the line. My wife also said it would happen occasionally. In my work combating this malware, it seems like the actual redirect occurs slowly over time, as the infections spreads.

It also will spread across sites hosted on the same server. Which made it extra tricky to fight because I had to juggle several sites at once.

Part 1 – Keeping It at Bay and How it Spreads

I have no idea how the infection was initially started, which is rough, because that would be key to KNOWING it’s gone. As near as I can tell, the initial source of the infection is int he uploads directory of a blog. It eventually starts to add “gibberish code” to files like wp-config.php and settings.php. I say “Gibberish Code” because it’s actual PHP, but it’s very messy in it’s design and encoding to make it hard to read to locate files. The gibberish code would generally show up at the top of the files, but could be elsewhere.

Eventually, random folders would start showing up in the root WordPress directory, sometimes with gibberish names, sometimes with specific spammy sounding names, sometimes with names that appear to be part of the blog (like ‘site’ or ‘blog’).

The first step in holding this at bay was so dump all write permissions for several critical WordPress files that kept being infected. This seemed to only sort of help, the problem was more that the owner, www-data, still could write to the files.

The next step was to convert all of the web files to an alternative user account as the owner, then set the files so www-data could only read. This created a new problem, it meant I could not easily update anything or upload images for blog posts easily. Since www-data had no permissions to write anywhere. If I was making a new post, I would have to SSH into the server, temporarily change the permissions, then change things back.

Pain in the ass.

My temporary fix there, was to keep the current year as writable, and run a script that would probe for malware files and delete them. There were two scripts, one for the hidden .ico files that would crop up and one for any .php files that were in the Uploads folders. Both run with a cron job.

#!bin/sh
/usr/bin/find /var/www/html -name ".*.ico" -exec rm {} +

This is, admittedly, an EXTREMELY Hack way to correct this problem. Hack less in the sense of “computer hacker”, hack in the sense of “jankey or shoddy”. But it worked, while I figured out the root issues.

Part 2 – Fixing the Issue

Eventually I sat down and just sort of rebooted everything, all at once. I started with everything set up as an alternative user permissions and locked down. I then scrubbed out all infected php and ico files from the upload folders. I then thoroughly scrubbed out the wp-config files. Basically, any files I would need to moved to a fresh WordPress install, which was the uploaded images, and the configurations, were completely sanitized.

Next, I downloaded a fresh copy of WordPress, expanded it out and made copies for each site folder with websitename_new. After that, I copied the uploads folders and wp-config files to the new copies. Then i renamed each current folder as websitename_old, and renamed the new ones as simply websitename. (I actually did this and the subsequent steps once at a time for each site). This made the new, fresh installed copies live.

Except they have no plug ins and no themes. I did not transfer any old theme files or plug in files, for worry of infection. Instead I went into the old folders to get a list, then redownloaded each theme and plug in to the fresh copies. This meant doing some reconfiguring but it was worth it for clean copies. I also left out anything that wasn’t absolutely essential to the basic look and operation.

Site note, when a fresh install copy is made live, it may not load until you go into /wp-admin, and change the theme to literally anything else (Generally, the current year WordPress Default works). The config files will still be looking for the non-existent old theme.

With everything fresh and ready to go, I deleted the old potentially infected copies, to ensure the infection was now completely purged. After that, I created a backup folder, and copied all of the current fresh versions of the site folders to the back ups. This way, in the event of a reinfection, I could simply, slap a fresh back up in place easily. It might be missing a few recent images, but it would be way less work.

Still worried, I then reverted the permissions for the sites back to www-data, but I did them one at a time, roughly a week apart. Carefuly checking for reinfection with each change.

So far so good, I have not had any problems. Here is hoping it stays.

My Music Listening Habits for 2021

It’s time again for my new favorite annual tradition here (until it isn’t), my music listening habits for the year. Not a lot of new this year, I’ll admit that. Though I sometimes wonder if part of that is that some artists and albums get sort of lost int he sauce of over listening to some of my favorite artists. Anyway onto the break down, I’ll split up artists and albums even though they kind of parallel each other.

Artists

The biggest movers this year were Aurora and CHVRCHES in the number two and number one spot. CHVRCHES has a new album released this year and Aurora in general is just really great. We also have Dodie at number 4, which I predicted last year would be a riser in the charts. Also at number 6 is Orla Garland, who in addition to being Dodie’s Guitarist, also released a pretty good album this year (Woman on the Internet).

Another one, though probably more well known than most of the rest of my top ten, is Dua Lipa. For some reason I keep having to remind myself just how good her album Future Nostalgia is, because every track on that one is excellent and I enjoy listening to it every single time.

Also a few regulars that have been floating around these lists, BT, Daft Punk, Lady Gaga, Avril Lavigne, Alanis Morrisette, The Who. I’ve also been listening to Nirvana a lot lately for some reason. Slightly surprising is that Rafaella is still up there at number 19. She opened for Sigrid when I went in 2019.

Albums

My most listened to Albums for the year are pretty in sync with the artists list. The top ten are dominated by CHVRCHES and Aurora, with the rest of the list covering others in the higher end of the list of artists. I honestly didn’t listen to enough different albums to make a proper list of new albums, but Screen Violence, Woman on the Internet, Build a problem, Red, Taylor’s Version, are all albums I would recommend.

Changes in Habits

So, I wanted to throw in real quick some changes in my music habits. One, I wanted to go to more shows after seeing Sigrid live, and this was re-enforced after seeing CHVRCHES. I keep mentioning this and so I should probably STOP mentioning this. I do already have two shows lined up for 2022, Dodie and Aurora, which isn’t a lot, but it’s something. Here is hoping the world doesn’t collapse on itself again now that we’re sort of able to do this sort of thing again.

I’ve also been shifting to FLAC over MP3. I re-ripped a few of my more favored CDs to Lossless format. I’ve also started buying FLAC instead of MP3s when I can. Part of this also means I’ve been getting less from Amazon, where I previously bought a lot of my music. It’s also part of why the “new” factor took a nose dive this year. I don’t use any music streaming services, I prefer to actually buy and own my music. Amazon did include some streaming I occasionally used with Prime, but the app has become disgustingly aggressive about pushing their paid streaming service so I removed it. Basically I’m sick of it and I’m “voting with my wallet”.

Precictions

I also want to make some predictions a bit for 2022. CHVRCHES will still linger but will likely start to fall off. The new album hype is over, going to see them live hype is over, I still have them in rotation but I can tell I’ve been listening less lately.

I predict Sigrid will start to make a come back. She is still my number one artist scrobbled of all time, but she has had almost zero movement this year. She put out a couple of tracks but I prefer to wait for albums these days, though Burning Bridges and Mirror are both good. I predict the come back because of the new album. HOWEVER, I predict she will lose the top all time spot to Aurora. Aurora also has a new album coming out next year, right at the start, and (unless the world fall apart again), I’m going to see Aurora live in May. Aurora is also very close to over taking Sigrid already.

I also predict BT will start to rise fairly quickly. I’ve bee doing some catch up on some of his newer albums and I still really enjoy his music. I also feel like Dua Lipa is going to start rising in the list and Tessa Violet is going to fall. Tessa Violet hasn’t really put putting out anything that interesting lately, mostly remixed versions of tracks already released. It’s not bad, it’s just not keeping my interest.

Finally, two to keep an eye on will be Sofi Tukker and King Princess. Both have been sort of bubbling along in the background for a while and I feel like both are going to start getting more play in my rotations and album listening.

2021 Reading List

Shikake: The Japanese Art of Shaping Behavior Through Design

Shikake: The Japanese Art of Shaping Behavior Through Design

Naohiro Matsumura

Published: | Pages:192

My Rating: 4/5

Description: We are living in a time when behavioral change is necessary for our health and survival. Yet we find it exceedingly difficult to transform our own habits, let alone those of other people. Enter Naohiro Matsumura, whose powerful new design method is as astonishingly simple in its logic as it is sophisticated in its psychology. It allows any of us—from UX designers and marketers to concerned citizens and overworked parents—to address challenges in our homes, our public spaces, and our social interactions.As Matsumura shows, a shikake—or “device” in Japanese—is a design that exerts influence on us through subtle nudging, rather than direct command; it encourages a particular behavior without telling its (often unwitting) user the primary purpose of that behavior. For • Footprints in a store guide shoppers and keep them socially distant• A basketball hoop placed over a trash can entices children to tidy up their rooms• A symbol of a shrine in a public square encourages respectfulness• A staircase painted to look like piano keys prompts exercise through playCombining traditional Japanese aesthetics with the lessons of behavioral economics, Matsumura reveals how to identify the hidden design cues that already shape our world, and how shikakes can help us confront some of the most pressing challenges of our era, from pandemics to declining civic engagement to climate change and beyond. Mind-bending yet elegant, Shikake presents a tool kit for anyone who wants to create their own mindful designs, for the delight and betterment of us all.

The Endermen Invasion (An Unofficial Gamer's Adventure, #3)

The Endermen Invasion (An Unofficial Gamer’s Adventure, )

Winter Morgan

Published: 2014 | Pages:114

My Rating: 2/5

Description: This adventure series is created especially for readers who love the fight of good vs. evil, magical academies like Hogwarts in the Harry Potter saga, and games like Minecraft, Terraria, and Pokemon GO.In this third installment of the Minecraft Gamer’s Adventure series, Steve is invited to participate in an elite building competition on Mushroom Island. His friends—Max, Lucy, and Henry—are impressed and want to join their friend on a journey to the island. Yet not everyone is Steve’s neighbor Kyra is upset because she wasn’t chosen as a contestant. Steve asks Kyra to come to the competition and help the gang build boats to get to Mushroom Island. She agrees, and the group sets out on an adventure to the contest. Getting there is half the fun, and the group treks through the jungle, where they find a rare temple filled with treasure! But getting the treasure isn’t easy, and they have to fight fierce battles to continue their journey.After their exhilarating and rewarding journey to the contest, they finally make their way onto the island and meet the judges, as well as the other four contestants, whose egos are as big as the houses they are building. Steve builds his dream house to impress the judges, but just as they begin judging, the island is overrun with Endermen. Mushroom islands are known for not having hostile mobs, so everyone knows it’s the work of a griefer. Is it one of the contestants? Nobody knows, but they all have to work together to battle this invasion of the Endermen.Will they be able to defeat the Endermen and find out who the griefer is? And who will win the building contest? Find out in this thrilling third installment of the Minecraft Gamer’s Adventure series!Sky Pony Press, with our Good Books, Racehorse and Arcade imprints, is proud to publish a broad range of books for young readers—picture books for small children, chapter books, books for middle grade readers, and novels for young adults. Our list includes bestsellers for children who love stories told with LEGO bricks, books that teach lessons about tolerance, patience, and the environment, and much more. We also publish books for fans of Minecraft and Pokemon GO, including books full of useful hacks, tips, and tricks, as well as Minecraft adventure stories for readers who love the fight of good vs. evil, and magical academies similar to Hogwarts in the Harry Potter saga. While not every title we publish becomes a New York Times bestseller or a national bestseller, we are committed to books on subjects that are sometimes overlooked and to authors whose work might not otherwise find a home.

The Mystery of the Griefer's Mark (An Unofficial Gamer's Adventure, #2)

The Mystery of the Griefer’s Mark (An Unofficial Gamer’s Adventure, )

Winter Morgan

Published: 2014 | Pages:114

My Rating: 3/5

Description: Steve is back and ready for more adventures! But this time the excitement lands closer to home. While walking home from the village, Steve is surprised to hear a loud BOOM! When he returns home, he finds his wheat farm destroyed and a huge crater where the wheat once grew. And his diamond sword is missing! Steve believes it’s the act of a griefer with a lot of TNT. Devastated, Steve wants to rebuild and find his sword, but with his wheat destroyed, he must call on old friends to help him.All together again, Lucy, Max, and Henry tell harrowing stories of their treasure hunts and conquests, and Steve discusses his strategy for rebuilding. They all go to sleep, excited to begin their plans; but when they wake up, Henry is missing! Looking for Henry in the village, two of Steve’s neighbors, Kyra and Adam, have been targeted as well: Kyra’s barn was flooded with lava, and Adam’s friend Thomas is missing too!Who is the griefer terrorizing Steve and the villagers? And how will Steve find the resources to rebuild his prosperous farm? With suspicion circulating and no answers to be found, Steve finds himself wrongly suspected of these crimes�and so he must discover who the mischievous griefer is before something even worse happens.

The Quest for the Diamond Sword (An Unofficial Gamer's Adventure, #1)

The Quest for the Diamond Sword (An Unofficial Gamer’s Adventure, )

Winter Morgan

Published: 2014 | Pages:114

My Rating: 3/5

Description: Far from his home, with night about to set in, Steve fears for his life. Nighttime is when users are most vulnerable in Minecraft. As he looks for shelter in a temple, he meets a trio of treasure hunters, Max, Lucy, and Henry, who are trying to unearth the treasure under the temple. Steve tells them of his master plan to mine for the most powerful mineral in the Overworld—the diamond. The treasure hunters are eager to join him. Facing treacherous mining conditions, a thunderstorm, and attacks from hostile mobs, these four friends question if it’s better to be a single player than a multiplayer, as they try to watch out for each other and chase Steve’s dream at the same time.Will Steve find the diamonds? Will his friends help or hinder the search? Should he trust his new treasure hunter friends? And will Steve get back in time to save the villagers?Sky Pony Press, with our Good Books, Racehorse and Arcade imprints, is proud to publish a broad range of books for young readers—picture books for small children, chapter books, books for middle grade readers, and novels for young adults. Our list includes bestsellers for children who love to play Minecraft; stories told with LEGO bricks; books that teach lessons about tolerance, patience, and the environment, and much more. While not every title we publish becomes a New York Times bestseller or a national bestseller, we are committed to books on subjects that are sometimes overlooked and to authors whose work might not otherwise find a home.

CHVRCHES @ The Pageant feat Donna Missal (12/06/2021)

Back in 2019 after going to see Sigrid live, I decided I really wanted to go to more concerts. I even started planning to maybe try to go to Lollapalooza at some point. Then well, the world fell apart, and there were no concerts really for a while. Things are still kind of falling apart but they are better for people making an effort to make them better (though that’s a subject for another post). I did manage to make it to another concert. I even have one, maybe more lined up for 2022 already. This time it was CHVRCHES. It’s just pronounced “Sheevurches” so don’t over think it. No wait, it’s just “Churches”.

Funny enough, Last.fm suggests I started really listening to CHVRCHES a bit after going to see Sigrid, though I also started really trying harder with tracking music on Last.fm around that time as well. I am pretty really sure I have listened to at least some of their music before 2019. I’ve been listening to them pretty heavily for the past few years, spoilers for my end of year music wrap up, but they were my number one most listened to artist this year. Though they are still number 4 over all.

CHVRCHES at The Pageant

This show was once again in St. Louis, this time at The Pageant, a nice music hall a little north of Forrest Park off of Delmar Blvd. The supporting act was Donna Missal, whom I had not heard before. Before the show I had a pretty tasty chicken sandwich down the block at Chicken Out. I forsake my “Ramen Junkie” moniker this round a bit because the chicken seemed faster and I just wasn’t in the mood for noodles, despite that there is a Ramen Noodle restaurant just next door to the Pageant. Maybe next time.

I got tot he venue around an hour and a half early, I really wanted to get down up front like I had with Sigrid, though the light show of CHVRCHES is probably pretty good even from a distance. I managed to end up on the bar next to the stage again, down on the right side.

The show itself was really great. I enjoyed Donna Missal quite a bit and was kind of disappointed that I could not find her merch stand, despite her mentioning it, I had kind of wanted to pick up a CD if they had any. I did go ahead and get a digital copy of her newer album later. She had some pretty amusing moments with her guitarist, who, in her words, is her “crush” though “sadly, she is married… to a man…” Her setlist was 10 songs line, 9 original and one cover.

  • How Does It Feel
  • Jupiter
  • Skin
  • Butterfly
  • Insecure
  • Sex is Good
  • (To Me) Your Face is Love
  • Fake Plastic Trees (Radiohead Cover)
  • Best Friend
  • Let You Let Me

After a brief break was the main event with CHVRCHES. What a great show. Tons of amazing lighting effects, a solid performance, despite Lauren apparently having a cold. Not quite as much back and forth banter between the three as I would have liked and have seen in some of the other concert videos, but still a bit of fun bits in between tracks. I almost wonder if some of those break moments where they would chat were sacrificed for Lauren’s many costume changes. She came out in one outfit, and shed the jacket she was wearing after the first track, changed later into a second outfit, then later into a third, which was modified for the encore songs. So essentially 5 different “outfits”, though she doesn’t leave the stage to shed her jacket.

The show was also really good from an acoustics perspective. The audio engineers definitely deserve some credit for good mixing and balancing on things. It wasn’t overpoweringly loud like the Sigrid show had been. Though I did have a set of concert ear plugs this time, something I’d recommend honestly. Proper concert ear plugs are designed to slightly dampen the sound without making if muffled or too quiet. I really did not notice anything missing.

Anyway, CHVRCHES setlist was 17 tracks long, with the majority of the tracks being off of Screen Violence, which isn’t surprising. I also managed to get much better photos and video than when I saw Sigrid.

  • He Said She Said
  • Forever
  • Leave a Trace
  • California
  • How Not to Drown
  • Violent Delights
  • Science/Visions
  • Good Girls
  • Bury It
  • Miracle
  • Night Sky
  • Final Girl
  • Recover
  • Never Say Die
  • Asking For a Friend (Encore)
  • The Mother We Share (Encore)
  • Clearest Blue (Encore)

I particularly enjoyed Violent Delights, which is relentlessly aggressive live, the chaotic build of Science/Visions, Night Sky which is always great, and the massive build up of Never Say Die. Then of course Clearest Blue was a perfect closer track. However all of the tracks were excellent.

The encore itself was particularly special. In keeping with the “Horror” surface level theme of Screen Violence, Lauren comes back on stage covered in fake blood for the final three songs, still wearing her “Final Girl” T-shirt from the last costume change.