I am fighting a new form of spam on my blog. Just when I think I've got things pretty tightly locked, the spammers find a new way. I'm getting spam in my blogroll.
See for yourself (http://erik.weibust.net). I promise I'm not trying to sell male enhancement drugs from my site. It's taken me 12 hours to be able to joke about this, as I was quite pissed when I saw the intrusion.
Anyhow, I'd love some help on resolving the issue and was thinking this would be a good place to start looking.
Some background on the problem. I was running WP 2.1 until last night. The first thing that clued me in to the problem was that I got an email about a new user on my blog on Friday. That freaked me out, as I'm the only user and I didn't add a new user. So I logged in to the dashboard and immediately removed the user. I spent some time digging around my dashboard and didn't see anything "fishy", so I thought I might be OK.
Then on Saturday I noticed there was a whole bunch of spam links added to my blogroll. I immediately logged in to the dashboard and removed the links. Then I checked the users tab, expecting to see a new user, but there wasn't one. I'm at a loss as to how the links got added without a login to my blog. To be safe I changed my WP admin password.
Sunday the spam was back. I didn't know what else to do, so I upgraded to WP 2.3 hoping that would help. No dice. Now I have a very generic blog, with a crapload of blogroll spam.
Please help. I'm guessing the next step is to change the passwords for my db user and my ssh user. I can't change the password right now; I'm at work and can't get through my work proxy to the servers. I'm making the password change as soon as I get home.
I've checked the sidebar and it looks clean. I program, but not in PHP, so I'm not 100% sure the sidebar is good. That said, I'm fine with deleting my sidebar and downloading/installing a new one, as I'm now running a completely stripped-down template.
What else should I do/check?