My website was hacked last Friday and I felt sick to my stomach. It felt like an intruder entered my home, stole my belongings and left me naked and vulnerable.
How could this happen to me? I’m not a corporation or a business selling products; no I’m Sonia Marsh, author and blogger who enjoys a community of people from around the world.
So here’s what happened. (I am not a professional website designer or coder who can offer technical advice.)
I logged onto my hosted WordPress website and noticed that the photograph on the most recent post on the landing page had disappeared. A black dot had replaced the photo. The photo was still on the post, so why wasn’t it being “pulled” onto the home page? (My website designer and coder had written code to do this automatically.) I experimented uploading another photo hoping this might be the solution. After deleting photos from my Gallery, and uploading them directly into my post, nothing worked. Within an hour or so, all photos on my home page were replaced by small black dots. I felt like my blog was slowly crumbling in front of my eyes just like the frightening photos of the Twin Towers on 9/11.
I checked all three of my domain names and my website never popped up. The directory no longer had an index file. I no longer existed on the web. As I mourned the death of my website with hundreds of posts, photos and comments gone forever, my immediate reaction was the most common one: panic, which can also be the most dangerous one. Douglas Karr explains in his article “WordPress Hacked? Ten Steps to Repair Your Blog,”
- “Stay Calm! Don’t start deleting things and installing all kinds of crap that promises to clean your installation up. You don’t know who wrote it and whether or not it’s simply adding more malicious crap to your blog. Take a deep breath, lookup this blog post, and slowly and deliberately go down the checklist.”
- Call your web-hosting company, if you use one, and ask them to look into it.
- Act fast. Get immediate professional help if you don’t know how to fix yourself.
I went from panic, to mad to Gutsy, and said, “That damn HACKER is not going to get away with this. I’m not giving up after all these years of blogging, I have to get it back.”
I e-mailed my web-designer who got back to me right away and said, “Sonia, you’ve been hacked. Call your web-hosting company immediately and find out what’s going on.”
She is not a coder but put me in touch with a fantastic guy who informed me the problem lies with a script called: timthumb.php. That script had a ‘hole’ in it that would let people take over WordPress sites.
- Keep your themes and plugins updated – #1 cause of malware infections and hacks independent of any platform!
- Only download from reputable sources (WordPress.org).
- Only use plugins and themes that are being actively developed and have good, trusted reviews. Do your homework
- Keep an eye on WordPress security news to see if there are any issues with the plugins or themes you are using.
- Don’t just disable, remove any software that you’re not actively using. Just because it’s not active doesn’t mean it’s not vulnerable
Delete all plugins
Re-install all plugins
clean every theme file.”
I clicked on my website: soniamarsh.com and I was back online. I celebrated with a glass of wine, and deleted a couple of plugins I don’t use. I hope this never happens to you, or to me again.
Don’t forget to change your passwords frequently.
Have you been hacked before? How did you react?