A story of triumph over hardship or How to protect your blog from hackers
After 4 tearful days and nights my blog has finally been resurrected. It is now fresh, clean and safe. Do you own a blog or a website yourself? Then you may want to read this post and share it with others who may benefit from it too.
6 days ago one of my readers told me that their antivirus reported my blog as suspicious. Even though on my laptop it appeared fine, I checked the site on another laptop and on different browsers. It still appeared to be clean. However, further investigations revealed that only one browser picked up the problem with my site. So we updated the antivirus on my computer and also ran a series of scans. Finally, the problem was identified – the site was infected with malware. Moreover, within a few hours the site became inaccessible – I could not access it on a PC.
So I tried to get in via a Mac and it worked. I immediately started cleaning out the malicious code. The clean-up appeared to be successful as the tag “suspicious” was lifted and the scan didn’t reveal any harmful code. Unfortunately, the next day I woke to find the site had been blocked – on all browsers! That was shocking. Straight away I wrote to my host asking if they were responsible. We also employed a web-security company to do a guaranteed clean-up of all malware and paid for them to monitor the site at 6-hour intervals for a year. As all our attempts to restore the site failed, we asked a favour from a friend to get an associate to have a look at the site. He restored the site in 5 minutes. After that the web-security company sent confirmation that all the harmful code had been extracted. Within an hour, the site came back to life – fresh and clean.
So that is my tragic, with a happy twist, story. But how did it all happen, you ask? How was it possible that someone got in and inserted malicious code into a site that was running perfectly for a year and appeared to be protected? The answer is: it was a WordPress User Avatar plugin that I installed, and hackers used that to get into my WordPress-based site. As soon as they inserted the malicious code, it started multiplying and infecting various areas of my site. It also changed the WP login, making it impossible for me to get into the site via the WP-admin area. The rest you already know.
Now, HOW TO PREVENT this from happening to your site/blog:
1) Be careful with plugins, especially the ones that deal with images. Many of them have holes in the code that hackers can use to get into your site. Moreover, some plugins can already be infected at the time of installation. Read reviews on the plugin before installing it and run a scan before activating it on your site. Also, review the plugin's code, looking for anything unusual that could be harmful to your site (Google “malware code” to get an idea of how it looks).
2) Update ALL software as soon as a new version becomes available. Always ALWAYS update your WordPress, your theme and all anti-spam and security software. If there is a software update, there is a reason for it.
3) You may wish to install WordPress Exploit Scanner to search the files and database of your website for signs of suspicious activity. Though it will not stop someone hacking into your site, it may help to identify if there is a problem (because as I said before, you may not see the infection). I used this plugin to find the malware on my site. It works well – even inexperienced users can run and understand it.
4) You may wish to install security software on your site. The one that is recommended by WordPress is BulletProof Security. Read more about it here.
5) You may wish to outsource the task of monitoring your site to a professional web-security company. I employed Sucuri.net. They will monitor your site for a year, check your site every 6 hours and clean if required. It cost about $100 but seriously it is worth it (think about all the stress you can avoid). Read more about them and what they do here.
6) If you are told there is something strange happening with your site, scan it immediately for malware, blacklisting status, and out-of-date software. It takes a couple of minutes to scan your site. Sucuri does it for free; check your site now here.
7) BACK UP! Back up your site as often as you can! We are all guilty of not doing that. So once again – back up. Then, if anything happens to your site, you have the latest version of your work. It does not take long to back up compared to rebuilding.
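Tips 1 and 3 both come down to searching PHP files for code that has no business being there. The script below is an added example, not part of the original post and not the Exploit Scanner plugin's code; the patterns, function names and sample files are assumptions chosen for illustration, and a hit is a lead for manual review rather than proof of infection.

```python
import re
from pathlib import Path

# Heuristic signatures (assumed for this example); a hit means "look closer".
PATTERNS = {
    "eval of decoded data": re.compile(
        r"\beval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "request input executed": re.compile(
        r"\b(eval|assert|system|passthru|shell_exec)\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)\b", re.I),
    "long encoded string": re.compile(r"['\"][A-Za-z0-9+/=]{200,}['\"]"),
}
PHP_SUFFIXES = {".php", ".phtml", ".php5", ".inc"}


def scan_tree(root):
    """Return (relative_path, line_no, finding) tuples for PHP files under root."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in PHP_SUFFIXES:
            continue
        rel = path.relative_to(root)
        # Upload folders should hold images, not executable PHP (line 0 = whole file).
        if "uploads" in rel.parts[:-1]:
            findings.append((rel.as_posix(), 0, "PHP file in uploads directory"))
        text = path.read_text(encoding="utf-8", errors="replace")
        for line_no, line in enumerate(text.splitlines(), start=1):
            for name, pattern in PATTERNS.items():
                if pattern.search(line):
                    findings.append((rel.as_posix(), line_no, name))
    return findings


def build_sample_tree(root):
    """Write a constructed sample plugin: one clean file, two suspicious ones."""
    root = Path(root)
    (root / "uploads").mkdir(parents=True)
    (root / "avatar.php").write_text("<?php\nfunction show_avatar($id) { return get_avatar($id); }\n")
    (root / "helper.php").write_text("<?php\n// constructed sample\neval(base64_decode($blob));\n")
    (root / "uploads" / "img.php").write_text("<?php echo 'constructed sample';\n")
    return root


if __name__ == "__main__":
    import sys, tempfile
    # Pass an unpacked plugin or wp-content folder; with no argument, scan the sample.
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree(tempfile.mkdtemp())
    for rel, line_no, name in scan_tree(target):
        print(f"{rel}:{line_no}: {name}")
```

Run it on a plugin's unpacked folder before activating it, or on a downloaded copy of your wp-content directory when something looks wrong.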
I really hope this article will help other bloggers and site owners to avoid potential problems. As they say, prevention is better than the cure. So get your site protected if you have not already and let others know how to do it.
More articles on better blogging and blog security can be found here.
Have a great Monday, lovelies!
P.S. I wish to thank you, my loyal readers and friends, for your continued support! Without your attention and feedback I could not have resolved this issue so quickly.