A story of triumph over hardship or How to protect your blog from hackers

blogging tips, how to protect your site from hackers and malware

After 4 tearful days and nights my blog has finally been resurrected. It is now fresh, clean and safe. Do you own a blog or a website yourself? Then you may want read this post and share with others who may benefit from it too.

6 days ago one of my readers told me that their antivirus reported my blog as suspicious. Even though on my laptop it appeared fine, I checked the site on another laptop and on different browsers. It still appeared to be clean. However, further investigations revealed that only one browser picked up the problem with my site. So we updated antivirus on my computer and also ran  a series of scans. Finally, the problem was identified – the site was infected with malware. Moreover, within a few hours the site became inaccessible – I could not access it on a PC.

So I tried to get in via a Mac and it worked. I immediately started cleaning out the malicious code. The clean up appeared to be successful as the tag “suspicious” was lifted and the scan didn’t reveal any harmful code. Unfortunately, the next day I woke to find the site had been blocked – on all browsers! That was shocking. Straight away I wrote to my host asking if they were responsible. We also employed a web-security company to do a guaranteed clean up of all malware and paid for them to monitor the site at 6hour intervals for a year. As all our attempts to restore the site failed, we asked a favour from a friend to get an associate to have a look at the site. He restored the site in 5 minutes. After that the web-security company sent confirmation that all the harmful code had been extracted. Within an hour, the site came back to life – fresh and clean.

So that is my tragic, with a happy twist, story. But how did it all happen you ask? How was it possible that someone got in and inserted malicious code into the site that was running perfectly for a year and appeared to be protected? The answer is: it was a WordPress User Avatar plugin that I installed and hackers used that to get into my WordPress based site. As soon as they inserted the malicious code, it started multiplying and infecting various areas of my site. It also changed the WP login, making it impossible for me to get into the site via the WP-admin area. The rest you already know.

Now, HOW TO PREVENT this from happening to your site/blog:

1)      Be careful with plugins. Especially the ones that deal with images. Many of them have holes in the code that hackers can use to get into your site. Moreover, some plugins can already be infected at the time of installation. Read reviews on the plugin before installing it and run a scan before activating it on your site. Also, review the code looking for some weird code that potentially can be harmful or your site (Google “malware code” to get an idea how it looks)

2)      Update ALL software immediately as soon as an new version becomes available. Always ALWAYS update your WordPress, your theme and all anti-spam and security software. If there is a software update, there is a reason for it.

3)      You may wish to install WordPress Exploit Scanner to search the files and database of your website for signs of suspicious activity. Though it will not stop someone hacking into your site, it may help to identify if there is a problem (because as I said before, you may not see the infection). I used this plugin to find the malware on my site. It works well – even inexperienced users can run and understand it.

4)      You may wish to install a security software on your site. The one that is recommended by WordPress is BulletProof Security. More about it read here. 

5)      You may wish to outsource the task of monitoring your site to a professional web-security company. I employed Sucuri.net. They will monitor your site for a year, check your site every 6 hours and clean if required. It cost about $100 but seriously it worth it (think about all the stress you can avoid). More about them and what they do read here.

6)      If you are told there is something strange happening with your site, scan it immediately for malware, blacklisting status, and out-of-date software. It takes a couple of minutes to scan your site. Sucuri does it for free, check your site now here.

7)      BACK UP! Back up your site as often as you can! We are all guilty of not doing that. So once again – back up. So, if anything happens to your site – you have the latest version of your work. It does not take long back up compared to rebuilding.

I really hope this article will help other bloggers and site owners to avoid potential problems. As they say prevention is better than the cure. So get your site protected if you have not already and let others know how to do it.

More articles on better blogging and blog security can be found here.

Have a great Monday, lovelies!

xx

Maria

P.S. I wish to thank you my loyal readers and friends for your continued support! Without your attention and feedback I could not have resolved this issue so quickly.

 

FOLLOW

Bloglovin || Twitter || Facebook

Related Posts Plugin for WordPress, Blogger...

 

Comments 25

 

Thank you for taking time to leave a comment! However, the comments section has been playing up recently. It's only working if you leave your name & email. Thanks for understanding, Maria xx

  1. Great tips! What a terrible experience. :(

  2. Hester January 30, 2012

    Great article. Thanks for the tips. Good to see you’re back.

  3. The Dainty Doll's House January 30, 2012

    How horrible!! So sorry to hear of this happening to you, I am glad that it is all fixed now, but I know it must have been a great stress on you and sorry to hear there were tears!! *hug* I hope the site stays as is and no more problems for you!! Hope you are relaxing and putting this problem behind you now!! Thanks for the tips too, I will keep them & hope to never have this problem. What a horror. Big hugs to you doll XXX

  4. Maiken January 30, 2012

    hey, dear :) I’m very glad everything worked out just fine. it’s good you made this post and gave everyone some information. I for an example scanned my blog and also created the backup, just in case :) happy blogging, Maria!

    Maiken/
    Maikeni blogi – part of me

  5. Christina @ Hair Romance January 30, 2012

    I didn’t realise all this happened! So glad it’s fixed and thanks for the advice xxx

  6. Tram January 30, 2012

    Aww! I’m so glad that you got your site back up and running! Thank you for this post. I was never aware that sites can have all these bad stuff. Ugh. x

  7. loulou January 30, 2012

    Maria,

    A dreadful thing to happen to you the word nightmare sounds more like it.
    I’ve just re-tweeted your post for others to be aware as well.

    Thank you for the clear advice you have given.

    Have a wonderful day,

    loulou, from hereiamloulou blog

    x

  8. Megan January 30, 2012

    What a nightmare, thanks so much for sharing these tips Maria will definitely take your tips on board. I hadn’t even noticed anything wrong with your site!

  9. Norlin January 30, 2012

    Glad to hear that you’re back. It’s annoying to have your work hacked into and the pain you have to go through to get rid of it.

  10. Ling January 30, 2012

    Oh my goodness! What an awful experience. Thanks for all the tips.

  11. Bree January 30, 2012

    Oh my gosh, I’m so sorry that happened to your blog. Gosh, I hate hackers. Anyways, I’m glad everything’s back to normal and thank you so much for these helpful tips. :)

    P.S. Thanks for supporting my blog!

    Lots of love, B
    http://vivalabreee.blogspot.com/
    Tweet me: Viva_La_Breee

  12. Jen January 30, 2012

    Great tips – so glad to hear that it’s all resolved. bad karma will get those people!

  13. My Gosh! That is shocking, my blog is built in WordPress and I would be devastated if this happened, I’m really pleased it worked out OK for you.
    I’m gonna check I have everything updated straight away – thanks for the advice.
    Gems x

  14. Chyrel Gomez January 30, 2012

    Great tips and I bookmarked this entry. I experienced this before hence no more blog roll on my sidebar other than my boyfriends. Glad your blog is up and running.

  15. Jen W February 1, 2012

    I’m SO glad things are finally sorted after all the stress! It’s a horrible horrible thing to go through, I totally understand.

    Thanks for sharing this with us! I’m going to share this article now.

  16. Angie February 1, 2012

    How horrible that you had to experience that! I should really look into protecting my site and my work more, I’ve been so blase about it until I read this!

  17. Samantha February 2, 2012

    Oh wow Maria. I’m glad you were able to resurrect your blog, although I would have had a heart attack in the mean time also. Thank you for sharing this about malware. Although I use a blogger platform, it’s always good to be aware about things like this.

    xo, sam

  18. Miranda February 2, 2012

    I’m glad you managed to get your site back on track! I know exactly how you feel as a couple of months ago my email got hacked and then a virus was planted in it (which changed the password regularly) by the hackers. Even worse, all my social media and other online accounts had been linked to that email id so I lost almost all my accounts, including my blogger.com account. Luckily my IT friends solved the problem, while the social media sites were nice enough to help me recover my accounts and block access to them temporarily until I sorted things out. I had to format my laptop just to make sure there wasn’t any malware stored somewhere. Luckily I had backed up my laptop 2 weeks before the incident and was able to restore all of my data. The tips you gave here are exactly what one needs to do to avoid such problems – back up, protect and update everything. I know use a double-security log in system on some of the site where it is available. I receive a code on my mobile in order to log in. It may seem far-fetched and exaggerated but after a week of tears and stress I realised I must do everything I can to avoid such mishaps in the future. Hope neither you nor anyone else has to go through such a thing!
    x

  19. […] from Styling You and Maria from Crashing Red have both been faced with this. No blog. Just gone! (Both got them back, but we have learnt some […]

  20. Steph @ Lipstick&Cake February 3, 2012

    My work laptop is currently under attack from a nasty virus (and is now with my IT dept at work)… but that and your dilemma has really scared me. I’ll be backing up my blog today!!
    Thanks for sharing Maria
    xx

  21. […] clicked through to this post on Crashing Red and promptly sent an email to myself with the link, thinking this was GOOD information to share in […]

  22. Rah February 4, 2012

    Thank you so much for introducing me to the exploit plugin! I moved webhosts last month because I had been hacked multiple times and figured that I was getting what I was paying for (dirt cheap webhost = dirt).
    With the exploit plugin I discovered that I’d moved an infected base64 file over to my new webhost!
    All removed now though PHEW!

  23. Antonia-Ivana February 5, 2012

    Omg, I feel so pity for you. It would have been a horrible shock for me.. Luckily everything went fine!!

    http://www.antoniaivana.blogspot.com

  24. […] because I had heard a few bloggers talking about their sites getting hacked, and then I read about Maria’s drama and Nikki’s […]

  25. […] A $90/yr investment is $7.50 a month – that’s not even 2 coffees. Crashing Red wrote a really helpful post (where she also recommends Sucuri) after her site was badly hacked – it’s a helpful read and one to bookmark for future reference: A story of triumph over hardship or How to protect your blog from hackers […]