(updated 7:26am Monday – Man, was I asleep at the wheel when I wrote this post last night. I added more information!)
About 2 weeks ago I get an email from some person over in the U.K. telling me the grim and terrible news that my site has been hacked. Weird, I hadn’t noticed. But then, I hadn’t been posting all that much (okay, none at all but life has been getting in my way lately) so I hadn’t noticed anything. But jeez, my site sure was running slow….
The very helpful Brit told me they were using the NoScript add-on to surf the web and they saw the hacks. So I added NoScript to my Firefox browser and low and behold, my header had me selling viagra, among other things!
Hmmm, I seem to recall hearing about this somewhere. Oh yeah, I retweeted a post about that some time back….
And this attack, although focused on weaknesses in WordPress, wasn’t focused on one host, it was a global attack and affected hosts such as HostGator (one of the largest) and my “beloved” GoDaddy…
And, of course, there’s a ton of information about the attacks out there for you to read, some specifically about how fix your blog…
So after the freak out, the denial, and the ignore it and it might go away tactics didn’t work, here’s what I’ve done to make sure your visit to my site is safe and secure. Please note: I am NO expert about computers or how any of this stuff works. I piece it all together like most hobbyists using Google. So please, take my advice with huge ass grain of salt!!!!
#1 – I went back to an old backup of my blog from before the “hack” and restored to that version. But I still had some malware on my site (more on that in a moment). Make sure you backup, backup, backup!!! My host (at the time), GoDaddy, automatically backups all my files daily. I will also back up my blog from time to time on my local computer. The plug-in I use for my back-ups is WordPress Database Backup.
#2 – Changed all my passwords – I highly suggest you utilize passwords with capital letters in odd spots and you use numbers and punctuation marks. A total pain in the butt but soooo worth it.
#3 – I double checked to make sure I didn’t have an “Admin” administrator on my WordPress account. Nope, it was only me on there.
#4 – Added the plug-in “Limit Login Attempts”
#5 – I “hired” Sucuri to clean my site. I found this service during my Google-ing. If you go to their page, you can type in your url and they will scan your site for malware in the code. So even though I had restored my site back to old version, I knew there was going to still be malware on my site because the hackers put their code in my header and I was pretty sure there was code still hanging on the site. The scan showed me where it was. So I paid, they cleaned my site, and now they monitor it. I also get updates on security news which is quite handy.
#6 – I’m in the process of moving from my current host to a new host. I’ve been needing to do this for some time because my site is tangled up with another site I don’t own. This hacking issue only kicked me in the behind to get it done sooner. I’m still not officially moved yet so hopefully I don’t lose THIS post in the move 😀
#7 – Lastly, once I’m at my new host, I plan on checking out CloudFlare to see if turning on that service will slow down my site. I don’t even want to mess my DNS before I move hosts 😉 But what they do is become your DNS host and weed out between your good visitors and your “bad” visitors. Oh, I’m completely simplifying it so check out their website for more details. It’s a free service.
So while I still might not be posting everyday just yet, I’m well on my way. Let’s just call this the ultimate kick-me-in-the-ass Spring Cleaning of the blog exercise….