Latest WordPress Hack – Symptoms, Solutions & Resources

by Kristi Hines on April 17, 2010 · 63 comments · Blogging


It seems there are a lot of WordPress hacks happening recently.

Network Solutions

Some WordPress blogs hosted by Network Solutions experienced a hack that made their websites redirect to a malware site. It specifically attacked the database by changing the site URL field in the wp_options table. Although Network Solutions blamed WordPress, they ultimately announced it was a hosting problem, not WordPress.

Google Cloaking Hack

The Google Cloaking Hack’s notable symptom is in the search engine results for your site – instead of your title and description, the search results will show an alternate title with some prescription drug name. One example I found while looking for a particular article was “Clomid Prices – We Always Offer Lowest Prices on Internet” instead of the actual title of the post. It’s also referenced as the WordPress Pharma Hack.

My WordPress Hack Experience

So far, I haven’t found an official name for the WordPress hack that affected several of my sites. The following is how I figured out there was a problem and what I did next.

About My Hacked Sites

My sites are all hosted on GoDaddy. One is in its own hosting account, and the other four were hosted under the same account. If the hack hits one site on a hosting account, the injection gets into the PHP files of all sites in that account. All of my sites were on either WordPress version 2.9 or 2.9.1 as I hadn’t quite gotten around to upgrading them.

Hack Symptoms

  1. RSS was not working in WiseStamp signature, CommentLuv comment fields, or Yahoo Pipes.
  2. Stylesheets on admin panels were missing.
  3. Strange error in admin dashboard.
  4. Admin panel on mobile browser redirected to another page.
  5. Sites redirected to a free virus scanner search on Bing (in IE, sometimes Firefox)

What I Found in My Files

There were (thankfully) no modifications to my database, users, or .htaccess files. What I found included the following.

  • Additional PHP file in root directory (on one site it was stranger_rosetta.php, and on another it was page_cersy.php).
  • Encrypted PHP code on almost all .php files (about 5 out of hundreds were unaffected).
  • View Page Source revealed all of the pages and RSS feed for my site had an additional call to a .js script right before the closing tag.

What I Found on My PC

When I did a full scan of my laptop, Kaspersky revealed one Trojan virus that hit my system on April 10th and another on April 15th, and Spybot S&D revealed a couple of standard spyware programs / cookies.

Steps Taken to Clean WordPress Hacks

Before I got started in the cleanup process, I decided to redirect my affected sites using a 302 temporary redirect in my .htaccess files to send visitors of my sites to a post on my personal blog explaining what was happening. One interesting result of this was the post I wrote on my name domain was sent to Kikolani’s feed subscribers. It wasn’t deliberate, and I’m still not sure how that happened, but it worked out. Once I had the redirect in place, I did the following.

  • Backed up my databases.
  • Deleted WordPress installation files (primarily the .php files in the root directory except for wp-config.php and the entire wp-admin and wp-includes directories).
  • Deleted the index.php file in the wp-content along with the classic and default WordPress themes.
  • Deleted the .php files in the plugins folder along with plugins.
  • Manually cleaned out encrypted code from customized theme templates and wp-config.php file.
  • Uploaded the latest WordPress installation files. (My sites were at 2.9, so upgrading to the latest version did not seem to require a database upgrade.)
  • Uploaded fresh plugin files.
  • Removed .htaccess 302 redirect.
  • Checked the site in IE and Firefox plus source code to make sure malicious scripting was gone.
  • Activated plugins.
  • Celebrated victory (or considering how exhausted I was, relaxed for half an hour and watched Cougar Town on ABC online, but I digress).
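
To check that no infected or dropped file was missed after a cleanup like this, one option is to compare the site against a freshly downloaded copy of the same WordPress release. The following is an added example, not code from the original post; the obfuscation patterns, directory layout and sample file contents are constructed assumptions, with a few file names reused from this page.

```python
import base64
import hashlib
import re
import tempfile
from pathlib import Path

CODE_EXT = {".php", ".js"}

# Assumed heuristics (not from the post): idioms often seen in injected PHP.
# Hits are leads for manual review, not proof of infection.
OBFUSCATION = [
    re.compile(rb"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    re.compile(rb"[A-Za-z0-9+/]{200,}"),  # long unbroken base64-looking run
]


def code_files(root):
    """Map relative path -> Path for every .php/.js file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): p for p in root.rglob("*")
            if p.is_file() and p.suffix.lower() in CODE_EXT}


def digest(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def looks_obfuscated(path):
    data = path.read_bytes()
    return any(rx.search(data) for rx in OBFUSCATION)


def audit_site(site_dir, clean_dir):
    """Compare a site tree with a clean copy of the same WordPress release."""
    site, clean = code_files(site_dir), code_files(clean_dir)
    report = {"modified": [], "unknown": [], "obfuscated": []}
    for rel, path in sorted(site.items()):
        if rel in clean:
            # Core file: any byte difference from the reference needs a look.
            if digest(path) != digest(clean[rel]):
                report["modified"].append(rel)
            continue
        custom = rel == "wp-config.php" or rel.startswith("wp-content/")
        php_in_uploads = (rel.startswith("wp-content/uploads/")
                          and path.suffix.lower() == ".php")
        if not custom or php_in_uploads:
            # Not shipped by WordPress and not where custom code belongs:
            # a candidate back-door file.
            report["unknown"].append(rel)
        elif looks_obfuscated(path):
            # Theme, plugin or config file with no reference copy.
            report["obfuscated"].append(rel)
    return report


def build_demo(base):
    """Write a constructed clean tree and a constructed infected site tree."""
    clean, site = Path(base, "clean"), Path(base, "site")
    blob = base64.b64encode(b"/* constructed sample payload */" * 8).decode()
    injected = f'<?php eval(base64_decode("{blob}")); ?>'
    core = {
        "index.php": "<?php require './wp-blog-header.php';\n",
        "wp-includes/default-filters.php": "<?php // core filters\n",
        "wp-admin/js/common.js": "var common = 1;\n",
    }
    site_only = {
        "wp-config.php": "<?php define('DB_NAME', 'example');\n",
        "wp-content/themes/custom/header.php": injected + "<?php // header\n",
        "wp-content/themes/custom/footer.php": "<?php // footer\n",
        "wp-content/uploads/2010/04/thumb.php": injected,
        "stranger_rosetta.php": injected,  # file name from the post
        "wp-admin/js/user.js": "/* constructed */\n",
    }
    for root, files in ((clean, core), (site, {**core, **site_only})):
        for rel, text in files.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_text(text)
    # Simulate an injection prepended to one core file.
    target = site / "wp-includes/default-filters.php"
    target.write_text(injected + target.read_text())
    return site, clean


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        return audit_site(*build_demo(tmp))


if __name__ == "__main__":
    for kind, files in demo().items():
        print(kind, files)
```

Point `audit_site` at the live site directory and at an unpacked download of the exact release the site runs; after a reinstall, both "modified" and "unknown" should come back empty.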

Special Thanks and Resources

How did I know to do everything listed above? I received support and help from some old and new online friends, including Frank of TechJaws, Gail of GrowMap, and Derek Semmler, James of ATM Multimedia, and StrictlyFitteds. Without their help I would have been stuck.

Resources

If you are experiencing one of the WordPress hacks that are circulating, here are some great resources to help you diagnose the problems and fix your sites. I found that it took multiple resources to really get an understanding of exactly what to do to completely fix the problems.

And of course, once your site is cleaned, be sure to secure it using a variety of the following methods. If you are unsure of how to implement any of these features, consult with your hosting company, WordPress or security consultant.

Your Advice

Have you experienced any of the latest WordPress hacks? Please feel free to add any additional details or resources in the comments below to help other WordPress users find good information and ways to protect themselves from malicious activity.


{ 60 comments }

Aminul Islam Sajib April 17, 2010 at 8:03 pm

So far I was worry-less about WordPress thinking that hackers are unable to hack it. Now, I’m feeling insecure and worrying a lot about my wordpress blog. I wish nothing bad happens to my blog. :(

Kristi
April 17, 2010 at 10:34 pm

I would say that you should check out the security resources and make sure you are as secure as possible. You don’t have to implement all of them – just a few will help!

Kidgas April 17, 2010 at 9:11 pm

Glad to see you have everything back up and running. I read this post but, to be perfectly honest, have no idea what you just said. I guess I did get the part that you deleted a bunch of stuff and reloaded it somewhere. Hopefully, if I ever get around to my own site and use WordPress, I will not get hacked.

Kristi
April 17, 2010 at 10:36 pm

That’s how I felt reading all of the other clean up posts. In the end, it really came down to deleting anything that wasn’t customized (so just cleaning up the code in the wp_config and theme template files) and then uploading a fresh installation of WordPress and plugins on your server via FTP (or as I did, in the control panel of your hosting site). Sorry if it was a bit confusing, but it was the best I could do to summarize a very long, tedious process.

Ivan Walsh April 17, 2010 at 9:51 pm

Yes, same problem and the blog is on godaddy.

Can I ask, after you deleted these, did you need to do a re-install?

or how/where did you get the clean files from?

# Deleted WordPress installation files (primarily the .php files in the root directory except for wp-config.php and the entire wp-admin and wp-includes directories).
# Deleted the index.php file in the wp-content along with the classic and default WordPress themes.
# Deleted the .php files in the plugins folder along with plugins.
# Manually cleaned out encrypted code from customized theme templates and wp-config.php file.

# Uploaded the latest WordPress installation files.

Did you FTP the latest WP install files? Is that how you replaced the files you deleted? I know it sounds dumb, but trying to get my plan of attack ready!

thx

Ivan

Kristi
April 17, 2010 at 10:40 pm

It’s not dumb at all. Since I was already at 2.9, I knew the upgrade to 2.9.2 wouldn’t be too bad. So I deleted all of my files except for the wp_config and theme template files (because I had some customizations) and replaced them with a freshly downloaded set of WordPress 2.9.2 files from the WordPress.org site and the plugins I was using from various sites.

You can, alternatively, open all of your PHP files and just remove the code. If you run into one that has nothing but encrypted PHP, it is probably a file that was added by the malware, so it needs to be completely deleted. Cleaning the files is a very, very long process though, and if you miss even one, you leave the virus on your site and give it a chance to repopulate on all of your files. Hence the deleting and reinstall is a bit easier.

Ivan Walsh April 17, 2010 at 11:10 pm

You’re a star! Thanks *so* much. I finally got it sorted.
Out now for a very long walk!

Gautam Hans from Blog Godown April 17, 2010 at 10:51 pm

I think I am not facing these hacks as of now. But what should one do to prevent these hacks? Is there a way out?

Hopefully I don’t get infected with these hacks

Ivan Walsh April 17, 2010 at 11:11 pm

Hi Gautam,

One telltale sign (for me anyway) is that my RSS feed wouldn’t work in Feedburner and/or Aweber, so I couldn’t send out any newsletters.

Kristi
April 17, 2010 at 10:56 pm

I would say the best defense is by applying some of the tips in the security resources I listed, like protecting your wp_config file (which has all of your credentials in it), super secure password (capital letters, numbers, special characters), and keeping your PC secure (virus scanner, spyware detector) as hackers can get your FTP information via malware which is how a lot of these hacks are spreading.

James King April 17, 2010 at 11:59 pm

Hello Kristi,

I am pleased that you got the problem solved. I’ve been hacked on two occasions. On two different servers, firstly, back in 2007, I was hacked when my hosting was with Globat. (I strongly suggest that nobody ever uses Globat). Their servers had overfilled shared hosting, where a WordPress blog with one page would crawl on its knees.

A good hosting solution is key. Now I am with Heart Internet. Heart Internet is a UK based hosting company that is always improving their service. You mentioned hackers get access with FTP. Well, Heart Internet now has a feature where your FTP access is locked. In order to access it you must access your control panel and then unlock it for a period of time. This prevents hackers accessing your sites. The best thing to do is manually add your username and password in your FTP program. A virus can find saved usernames and passwords in applications.

The only way to restore your WordPress blog is to back it up.

Thank you for the backlink, I am very grateful. Currently, I have a landing page on my blog, because I’ve been made redundant by my employer and I start working for myself on the 1st May, so I am getting everything ready.

Many thanks

Kristi
April 20, 2010 at 9:52 am

My site has been hit before as well. I think this one was actually a bit easier, as it only affected PHP files, whereas the last one was embedded in every PHP, JS, and HTML file on my server. At the same time, since I had more sites on one hosting account this time around, it took a lot longer to take care of. Security is definitely the best defense.

Karen from Blazing Minds
April 18, 2010 at 2:26 am

It’s nice to see that you are back to normal, it just goes to prove that when there is a WP update, it’s best to upgrade as soon as you can, but I do feel for you as being a blogger myself, I know how much hard work goes into building up a blog and its reputation only to have it pulled away from you by some complete and utter ….. I’m not going to swear ;)

Kristi
April 20, 2010 at 9:54 am

It’s funny, I don’t notice the updates often, but I saw that sites running 2.9.2 were being hit as well, so I figured I stood the same odds not updating. Actually, the last time this happened, I was hit right after I updated to the latest version. It’s about a combination of upgrading and taking other security measures.

Don’t worry about swearing… I did a lot of that for the two days I was working on this!

rob sellen from portland bill April 18, 2010 at 3:59 am

Glad you got things sorted out, I would say this, I’d never host a site at godaddy…especially if the domain is registered there too, I have one registered there, never had any issues with godaddy, but I have seen lots of people who have had issues there, even forced into paying out to get the problem solved.
They dropped the person’s site, for “alleged spam”, which never happened, yet then godaddy squeezed money out of them to get the site back up, needless to say, they moved the site sharpish.

My advice never host with the same domain registrar.

Kristi
April 20, 2010 at 9:56 am

I have heard of a few sites that lost their hosting due to spamming, or being on the same account as a site that was spamming. Of course, in their case, I knew how the site got reported for spam, and it was legit so it was understandable. I chose them since they are located in Scottsdale, same as I am, so I figured if there were any problems, at least it was a company I could find the office for and give them an in person piece of mind. Fortunately, they have been very good for me – support especially has been pretty excellent.

KS Chen from Google Adsense Tips
April 18, 2010 at 4:38 am

I start to worry about the security of my WordPress blog now after knowing the hacking issue for your blog recently. I think I really need to do something to protect my blog. Thanks for telling us about the symptoms of hacking. :)

Kristi
April 20, 2010 at 10:10 am

Yeah, they were kind of random and I didn’t think much of them (feed problems, mobile redirect), but little signs can warn you of a major problem.

Stephen Pate April 18, 2010 at 5:26 am

I had this happen three weeks in a row. Last weekend was the worst with a full scale attack on Thursday that lasted until Monday.

I was up at 5 am and my site was cool this morning. At 9 am it had been hacked.

https://sucuri.net is helping me. Weird how easy it is for the hackers to get past a so called hardened site.

Kristi
April 20, 2010 at 10:11 am

That’s a major problem with the hacks – if you don’t find the “back door” file, they can get right back in after you clean up everything.

Stas from Buy Vitamins Online April 18, 2010 at 5:45 am

I had a problem with “Google Cloaking Hack’s “. I had a week until everything bother corrections. It’s horrible. And again, the backups are very important!
Thanks for a useful links from techjaws.com!

Kristi
April 20, 2010 at 10:13 am

You’re welcome. Yes, backups can mean the difference between having all of the files to upload easily vs. having to clean everything manually.

Dennis Edell from Direct Sales Marketing
April 18, 2010 at 7:47 am

Nothing so far, aside from a strangeness of my disk-quota being used up awful quick, but I’ll surely be taking this post to heart.

Thanks much for the awesome resources. :)

Kristi
April 20, 2010 at 10:14 am

You’re welcome!

Mathdelane from Software Critics April 18, 2010 at 8:36 am

Incidents like these often remind me of my triumphant ordeal with the hackers of my site back in June 2009, but I never had a problem since then, even though I’ve already transferred hosting four times within 12 months.

I’ve learned my lesson the hard way and it was scary because during that time, I was still new with web hosting and WordPress and got nothing to ask since my host then didn’t take responsibility for the issue.

The best solution is a clean install. An XML exported file from wp-admin without reusing any database. I don’t host images on the server anyway so it goes with the XML file as attachments.

Stronger passwords, updating antivirus and regular PC scanning are a way to go.

Kristi
April 20, 2010 at 10:15 am

That’s not a bad idea. I have so much in my database, I don’t think the export would work. I know I have tried to export a lot of posts, or import them, and I think there is a file size limit.

Shamim April 18, 2010 at 2:52 pm

I am very lazy………..but I shouldn’t wait more to do dat………

Today…anyhow i will have to secure all of my blogs……..

I am really scared……..

Kristi
April 20, 2010 at 10:16 am

The first rule of thumb is not to freak out if anything happens. Getting upset just clouds your ability to take care of the problem. The calmer you are, the easier it will be to get to a solution.

Andrew from BloggingGuide
April 18, 2010 at 11:19 pm

I constantly change my password. And at any of my blog’s birth, I really see to it that it is secure. Security is topmost priority. Thanks for sharing your experience. We definitely learned something from it and also a big thanks for the great and useful resources.

Kristi
April 20, 2010 at 10:17 am

I should change mine more often. It’s pretty secure now – and (fortunately) even easy for me to remember.

Michael Aulia from CravingTech.com
April 18, 2010 at 11:58 pm

Thanks for the informative post, Kristi. We don’t normally bother about adding security measures and preventions until it really hits us on the head!

Kristi
April 20, 2010 at 10:17 am

Very true. I had my site pretty well locked down, and I think I just forgot to put some of those measures back in place after the last upgrade. Definitely a not so friendly reminder to do so!

fanta78 April 19, 2010 at 7:52 am

Hi Kristi,
I got a similar issue on one WordPress site a few days ago.
I have cleaned up the site as you did, and posted an article (in French :-) ) about it.

I’m still searching about the entry point on this attack, and I have two leads : a virus on the PC which could have used my ftp client, or a weak file system security on my hosting provider (as Matt suggested http://wordpress.org/development/2010/04/file-permissions/).

For the prevention, I use the services of http://sucuri.net/ to monitor any unwanted changes on the code of my sites.

Thanks for the sharing of your experience.


Kristi
April 20, 2010 at 10:19 am

Thanks for the link back to my article. I still am unsure of the entry point to mine, because I don’t think I had any of my FTP credentials saved on my machine. My config file was not well protected, so I’m guessing it must have been through that.

Paul from Wellington Wedding Photographer April 19, 2010 at 1:35 pm

My goodness. I can’t believe that even renowned brands like these have so many security vulnerabilities. It’s tough to stay secure. There are phishers everywhere, trying to exploit every single glitch. Wordpress self hosted blogs. There is a large scale infection of wordpress websites and new reports are popping up daily in huge volumes. Hosting providers should deploy some tough security measures to avoid fiascos like this in the future. I guess your story can be used as a checklist to identify whether one’s website is hacked or not. Thanks for this informative writing.

Kristi
April 20, 2010 at 10:23 am

I think the fact that it is open source makes it super simple for people to see how everything works and then build something to attack it. Plus, since many of the security features have to be implemented on a user level and many require some advanced technical skill, it makes it easy to find unsecured sites all throughout the web.

Mitch April 19, 2010 at 3:35 pm

Just fixed the same problem for a couple of clients. And they were hosted on Godaddy.
I also had to edit every theme file and also replace all the php files in the home directory except for the config.php.

Kristi
April 20, 2010 at 10:24 am

Interesting… I think what I had was different from the Network Solutions issue, and similar to one I had in the past, so it must be universal to any hosting company.

Christie April 19, 2010 at 4:14 pm

Glad you’re back up and running, and thanks so much for sharing how you fixed everything! I’m trying to implement some of the security precautions, but if I ever get in trouble, I’m coming right back to this post for the step-by-step how to clean up.

Kristi
April 20, 2010 at 10:25 am

You’re welcome. I hoped to make this post easy to find for anyone looking for solutions to any of the latest hacks out there.

Arafat Hossain Piyada April 20, 2010 at 3:46 am

That’s why we always need to update our software and other security resource. An infected computer can affect our online activity. Thanks for sharing your experience with us. Just wish I never face this issue.

Kristi
April 20, 2010 at 10:26 am

My PC seemed pretty secure… I have two machines using different antivirus programs (Kaspersky and McAfee) and it seemed like they were realizing infected sites before they downloaded something harmful to my PC. I guess one of them must have missed something though.

web design April 20, 2010 at 9:24 am

Hi Kristi,

Did you inform godaddy about the hack? If yes, what is their response? I mean are they helpful or just pushing around?

I’m concerned because my site is hosted on godaddy as well. I’m proposing to a client to use blog as company website, looks like I need to get this security threat cleared up before proceeding.

Kristi
April 20, 2010 at 10:28 am

I meant to call them, but once I figured out the solution, I just went for it. I figured it was more of something on my end, and I really wanted a hands on approach at figuring out the solution in case something happened again later. I’m sure they would have been helpful, but at the same time, I was able to troubleshoot it immediately on my own.

another one April 28, 2010 at 12:05 pm

I also host on GoDaddy, and I had this SAME thing happen. My wordpress installation was up to date, as well as my plugins. I use strong anti-virus protection and also have hardened passwords that are changed a few times a year.

My trojan was a keylogger that took my FTP details and used them to inject obfuscated PHP code in almost every file in my hosting.

While I realize that all hosts have their security problems, this is more than a coincidence. Even our timing is the same.

I will be calling GoDaddy, and I think you should too. I’ve been on the phone with them many times throughout this ordeal and they have never accepted any blame.

Thank you for posting about this so that the rest of us can learn (and in my case find support).

Mark McManus April 20, 2010 at 10:53 am

Hi Kristi,

Great site.

I have this exact hack on my site at the moment. And yes I am hosted by GoDaddy as well.

I cleaned up all the code in the php files but about this point you made:

“View Page Source revealed all of the pages and RSS feed for my site had an additional call to a .js script right before the closing tag.”

How did you remove this? I can’t find what file is responsible for this and it is still causing the redirects to spyware sites.

Thanks,

Mark

Kristi
April 20, 2010 at 11:00 am

Basically, the script will not go away until every PHP file on your site has been cleaned. I missed a few files on my site, and even just leaving one meant the code stayed behind in my site and RSS feed. So if you have multiple sites on one account, those sites need to be cleaned as well. Plus, you have to check every folder on your site (plugins, themes, subdirectories, etc.) – there could also be an additional PHP file somewhere strange that was added to make sure the code stayed on the site (like in an images folder). It’s tedious, but every page has to be cleaned before it will go away. Also, if you have a plugin like WP Super Cache, you will need to delete the cache. It could be clean but still serving older pages. And it wouldn’t hurt once your site’s Page Source is clean to ping Feedburner so your feed will update to a cleaner version as well.

Mark McManus April 20, 2010 at 11:05 am

Great. Very helpful Kristi and thanks for the email. :)
Mark

fanta78 April 20, 2010 at 12:22 pm

@Mark In my case the infection was quite large.

Some standard Wordpress php file :
* /index.php
* /wp-includes/default-widgets.php
* /wp-includes/default-filters.php
* /wp-includes/default-embeds.php
* /wp-admin/index.php
* /wp-admin/index-extra.php

All wordpress javascript files located here:
* /wp-includes/js/*.js
* /wp-admin/js/*.js

To clean up I have simply reloaded a fresh installation of wordpress .

On top of that, there was in the folder /wp-admin/js/ a NEW file ‘user.js’, which is not a WordPress file. I had to delete it.

Steve April 20, 2010 at 11:09 am

Thanks for the info Kristi! Even though the Daily Axioms blog I write for is on Blogger, we are currently working on a WordPress site as well (but it looks like we were able to avoid any issues so far).

Rockstar Sid April 21, 2010 at 9:46 am

I’ve a long story on this. My 2 years of hard work was brought down by hackers from Russia last month! The guy did insanely awesome hacking and edited few of my posts blaming wordpress security. I was angry. Sad.

Have written about it on my blog as well. However, learnt a lot during the course and have been actively maintaining the website. Had a lil chit chat with the hacker too.. Wordpress is targeted, no doubt! :)

Ample from web design April 21, 2010 at 7:56 pm

You chat with the hacker as well? Guess he wasn’t going all out to mess up your blog, maybe he just wanted to send some messages out.

Chris Catania April 21, 2010 at 12:09 pm

Thanks for such a great list of tips and advice Kristi! yes, always backup your files regularly and upgrade to the newest WP version ASAP.

I was recently php-hacked on my Wordpress blog and had to do a complete refresh. Like you, I had help from a fellow developer who walked me through the refresh process. And thankfully I was able to recover all my content and make use of the fresh, albeit frustrating, re-start. ; )

Sweater Chick April 22, 2010 at 5:06 pm

Hi Kristi, I want to thank you for your information here. I was hacked a few weeks ago, but I was too afraid to try and fix it myself. I just don’t understand all the code talk and such, so I had to seek help from the people at WPSecurity.com. They did a great job getting everything straightened out for me. I guess I really should start learning a little bit more about code, php files and all that other stuff ya’ll are talking about so that I can keep a closer eye on my site as well.

hospitalera from Irish Home Garden April 24, 2010 at 7:32 am

Thanks for the detailed instructions and tips, getting my sites / blogs hacked is really top of my list of personal nightmares! I am not an overly techie person, but I am religiously in updating themes, plugins and wordpress itself. Additionally I signed up for a service that sends you an email as soon as the content of the websites you want to monitor changes. For the rest, I have to rely on my hosting provider, SY

used tires April 25, 2010 at 4:27 am

About Cloak, most of the time, the hack is already in the template you downloaded or a plugin. The hack is hidden in the code and often upon making changes to the blog – adding post, category, tag, etc – the hack is activated.

Also it may be that it is only revealed when the page is called via a particular user_agent, or only when not logged in (you are often looking at your blog when logged in), etc. or non javascript enabled browser. You can often detect them by looking for obfuscated code (strange series of characters that are unreadable). There is(was?) a plugin also that will detect encoded/obfuscated code in your wp-content dir (where plugins and themes live).

Till then,

Jean

Eren Mckay
April 26, 2010 at 2:27 am

Hey Kristi,
I had no idea you went through this huge headache. I’m so glad you got it solved! What a nightmare. I’ve been reading up on blog security and know that there’s so much to do to get secure. Keeping a backup is the first thing for sure. Bookmarking your page as part of my research on blog security.
All the best,
Eren

Omer Greenwald April 27, 2010 at 12:49 pm

Hi Kristi, this is an unpleasant situation that can happen to every blogger. It seems that you took the best steps possible to bring your blog back to normal.
Thanks a lot for sharing this experience, because it reminds me how important the scheduled daily db backups are, and maybe to take more precautions against hackers.

Colleen May 3, 2010 at 3:37 pm

Yikes, I guess we were not the only ones. We had a site hacked but fortunately we back up everything every day. We simply reinstalled a fresh copy of WordPress (plus a new database), then imported our back up. We lost a day’s posting, but we had that still saved anyway. Thank goodness for backups.

Tony May 16, 2010 at 5:27 pm

The thing I hate most about sites getting hacked is that the general population of people may not know how to correctly respond. Granted, this percentage of people may be smaller with those who actively manage their own sites, but it’s never a pleasant experience.
