Bright side of an exploit ?

So, my website (tibonihoo.net) has been recently hacked... No apparent effect but a bunch of undercover redirections and a load of php one-liners to "do stuff" with cookies.

Apparently I'm not the only one to have suffered from this and everyting comes from a security hole in zenphoto (that I use to manage my photo gallery).

The bright side of things:

  • it's a good incentive to think a bit more about the security of my website and its data
  • it's a good reminder to suscribe to the right rss feed for zenphoto (the former has suddently changed, without me paying attention)
  • it's a good criteria to clean-up useless plugins (goodbye wp-security-scan that brillantly failed to detect anything)
  • it's a good time to thank Dreamhost's team that answered my question pretty quickly
  • it's the perfect occasion for you, dear visitors, to clean up your browser's cookies (because the aim of the exploit is not clear, but visitor's cookies clearly seemed to be involved).