I don't know Wordpress too well. But does this mean that 23 people have upvoted this story, and no one has gone through the install process with a bogus title like "VH1 Rules"? If so, you're real troopers, folk of HN.
Ah, I see. So it's more likely that 23 people upvoted the story, said, "Ho-hum, stupid MTV!" clicked the "Install" button, said, "Ho-hum, stupid Wordpress!" and then moved on to the next iPad article. Well, I'm less inspired by HN's collective magnanimity, but my mind is also less blown.
You do know that people have gone to jail for less than what you just did?
It's silly, but the laws on the books for computer crime are not rational or fair, and unprotected admin interfaces are still protected by the law.
Makes me wonder who's minding the shop on the backend though, since a few thousand access denied errors should trigger a look from whoever is watching MySQL.
That is indeed a serious oversight. I was not familiar with the site but a simple search for it returns a lot of sites linking to it.
This HackerNews post is actually the fifth result returned, I don't know for sure if that's because it's recent and Google is weighing it more heavily or because HN has so much googlejuice.
Did someone take a screenshot for posterity? I suspect the good folks at MTV will fix the issue soon and HNners who are a little late to the party will be left wondering why this article is at the top of the page?
9 comments
[ 3.0 ms ] story [ 24.7 ms ] threadWordPress database error: [CREATE command denied to user 'mtv_wp_user'@'172.17.129.134' for table 'wp_style_terms'] CREATE TABLE wp_style_terms ( term_id bigint(20) NOT NULL auto_increment, name varchar(55) NOT NULL default '', slug varchar(200) NOT NULL default '', term_group bigint(10) NOT NULL default 0, PRIMARY KEY (term_id), UNIQUE KEY slug (slug) )
[and a ton of other such errors, probably a couple hundred]
And at the end: Success! WordPress has been installed. Were you expecting more steps? Sorry to disappoint.
Username admin Password Ku$WV^CQFsAV
(Wordpress seems to have a funny definition of success)
It's silly, but the laws on the books for computer crime are not rational or fair, and unprotected admin interfaces are still protected by the law.
Makes me wonder who's minding the shop on the backend though, since a few thousand access denied errors should trigger a look from whoever is watching MySQL.
This HackerNews post is actually the fifth result returned, I don't know for sure if that's because it's recent and Google is weighing it more heavily or because HN has so much googlejuice.
style.mtv.com.edgesuite.net is an alias for a1177.g.akamai.net.
a1177.g.akamai.net has address 67.148.71.26
a1177.g.akamai.net has address 67.148.71.11
Hopefully Akamai isn't configured to proxy POST requests.
Edit: Someone less cautious about being logged confirmed that this is not the case.