Hacked after installing WP Security Scan plugin

If your WordPress installation is owned and defaced and you’re in a hurry, jump right to the Solution the top of the next page. But watch out, it could be a different problem.

I’m new to WordPress and was asking myself what I can do to secure my Blog. I’ve tried the WP Security Scan plugin, since I’ve stumbled upon it a few times.
I didn’t read the instructions thoroughly and so it came my wp-config.php file wasn’t writable. After the run of the WP – Database Security feature my Blog looked like a fresh install.
I’ve started to read the comments at site of the plugin, but it took me a while to find out what to do.
So a few kids took their chance to defaced my site. Why kids? – Simple:

NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS NIGGERS …

and many more of it. But that wasn’t enough. Beside racism they also demonstrated a sound portion of homephobia.

M A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A FAGGOT IM A…

But after such an emotional eruption, the young ‘man’ must have bethought himself of his very adult performance, and start to give good advices, best practice or some sort of recommendation, judge yourself:

Hey, yo! I found your WordPress install script!
December 5th, 2008

You really should get rid of that after you’ve installed wordpress (or any PHP app).

Time to turn it over to /b/ and let the jackals eat it….

Sorry, but its the only way to make people remember.

Hehe, funny. Well – thanks for this unforgettable impressions, stranger. But anyhow, thanks for not completely messing up my machine ;-)