freckles_and_doubt | hack, slash

There's this unruly bugger somewhere in Russia or the Ukraine or whatever who routinely hacks my website, specifically the one in my actual name where I keep my teaching pages - it's a WordPress site, which is apparently tantamount to sticking a huge banner reading "HACKERS WELCOME!" over its front page. Since one of the things I teach is a section on vampires and the internet in a History of Eroticism course, it's clearly being targeted by a sort of "hur hur hur" juvenile whose so-called "thought processes" are rendered even less functional than usual by the mere mention of the word "sex". He (and I say advisedly, it feels very maladjusted-juvenile-male to me) habitually overwrites the index.php, to replace every page in the site with a GeoCities-style black page featuring some scantily clad female, often of the vampiric persuasion, in a vacuously available pose, while scrolling inscriptions in various languages crow pointlessly about his own cleverness in hacking me. It's the virtual and textual equivalent of some awkwardly skinny and acne-ridden dude in a too-tight speedo flexing his nonexistent muscles in the vain and delusional belief that it renders him the cynosure of feminine admiration. Sad, really. And bloody annoying, because it's my professional page in my own identity, and doesn't really create a very good impression if a colleague looks me up, which they actually may do given that I have three conference papers accepted for this year.

Stv used to exterminate these little cockroaches for me, but I've just moved my sites out of his hosting ambit, which means I can no longer meep at him about it, but conversely in the last few days have become involuntarily far more proficient with basic WordPress functions. I am now perfectly capable of rewriting the index.php when necessary, it's very simple, and caused me a certain amount of vindictive satisfaction to reverse things in moments when the bastard hacked me for the inaugural time on the new servers yesterday. It won't, of course, sort out any nasty backdoors or other bits of code the Juvenile Hacktwit has left lying around on the site, so a large chunk of this weekend is going to be spent working painstakingly through various sites which detail how to protect oneself from this sort of attack, and fiddling accordingly while desperately hoping I don't break anything.

It occurs to me, however, that the high concentration of computer proficiency among the witterers may be useful in providing an answer which I couldn't actually find on Teh Internets. The stat counter thingy on my site identifies robots.txt as one of the most frequently-hit resources, which is interesting as diligent search suggests that, unless it's tucked away somewhere really counter-intuitive, I don't have a robots.txt file on the site. (Which is apparently quite fine, since malign bots ignore it and hackers use it as a pointer to the stuff you don't want them to see which they therefore really want to see, so it all seems a bit pointless). The statcounter insists that the hits are all real people rather than bots. My question is, what are these people looking for? Are they simply checking for the aforementioned "private" bits of the site, or is there some other nefarious purpose? Enquiring minds want to know.