Sonia Marsh - Gutsy Living

Life's too short to play it safe

  • Home
  • About Sonia
  • Blog
    • Starting Over
    • Solo Cruising
    • Travel & Adventure
    • Peace Corps
    • Writing & Publishing
  • Books
    • Freeways to Flip-Flops
    • My Gutsy Story® Anthology
  • Media
    • Press Kit +Videos
    • Print Media
    • Awards-Reviews-Testimonials
    • Sonia’s Blog Tour
  • Contact
You are here: Home / Archives for website hacked

My blog was hacked. Why me?

October 10, 2011 by Sonia Marsh

 

My website was hacked last Friday and I felt sick to my stomach. It felt like an intruder entered my home, stole  my belongings and left me naked and vulnerable.

How could this happen to me? I’m not a corporation or a business selling products; no I’m Sonia Marsh, author and blogger who enjoys a community of people from around the world.

So here’s what happened. (I am not a professional website designer or coder who can offer technical advice.)

I logged onto my hosted WordPress website and noticed that the photograph on the most recent post on the landing page had disappeared. A black dot had replaced the photo. The photo was still on the post, so why wasn’t it being “pulled” onto the home page? (My website designer and coder had written code to do this automatically.)  I experimented uploading another photo hoping  this might be the solution. After deleting photos from my Gallery, and uploading them directly into my post, nothing worked. Within an hour or so, all photos on my home page were replaced by small black dots. I felt like my blog was slowly crumbling in front of my eyes just like the frightening photos of the Twin Towers on 9/11.

I checked all three of my domain names and my website never popped up. The directory no longer had an index file. I no longer existed on the web. As I mourned the death of my website with hundreds of posts, photos and comments gone forever, my immediate reaction was the most common one: panic, which can also be the most dangerous one. Douglas Karr explains in his article “WordPress Hacked? Ten Steps to Repair Your Blog,”

  • “Stay Calm! Don’t start deleting things and installing all kinds of crap that promises to clean your installation up. You don’t know who wrote it and whether or not it’s simply adding more malicious crap to your blog. Take a deep breath, lookup this blog post, and slowly and deliberately go down the checklist.”
  • Call your web-hosting company, if you use one, and ask them to look into it.
  • Act fast. Get immediate professional help if you don’t know how to fix yourself.

I went from panic, to mad to Gutsy, and said, “That damn HACKER is not going to get away with this. I’m not giving up after all these years of blogging, I have to get it back.”

I e-mailed my web-designer who got back to me right away and said, “Sonia, you’ve been hacked. Call your web-hosting company immediately and find out what’s going on.”

She is not a coder but put me in touch with a fantastic guy who informed me the problem lies with a script called: timthumb.php. That script had a ‘hole’ in it that would let people take over WordPress sites.

From there it infected almost every other file in WordPress, the plugins and the theme.
In order to reduce your risk here are a 5 steps to take if you use WordPress:
  1. Keep your themes and plugins updated – #1 cause of malware infections and hacks independent of any platform!
  2. Only download from reputable sources (WordPress.org).
  3. Only use plugins and themes that are being actively developed and have good, trusted reviews. Do your homework
  4. Keep an eye on WordPress security news to see if there are any issues with the plugins or themes you are using.
  5. Don’t just disable, remove any software that you’re not actively using. Just because it’s not active doesn’t mean it’s not vulnerable
I lost two pounds on Friday from nerves and not eating and had an event to attend in the evening. Fortunately, when I returned, Loren, the tech guy, left me this message.
“I pretty sure I’ve got it clean
I had to completely re-install WordPress
Delete all plugins
Re-install all plugins
clean every theme file.”

I clicked on my website: soniamarsh.com and I was back online. I celebrated with a glass of wine, and deleted a couple of plugins I don’t use. I hope this never happens to you, or to me again.

Don’t forget to change your passwords frequently.

Have you been hacked before? How did you react?

 

Above Photo Daniel Conway

 

 

  • Facebook
  • Instagram
  • LinkedIn
  • Pinterest
  • Twitter
  • YouTube

Sign up for my Gutsy Updates

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Welcome to My New Life

Welcome to My New Life

Do you feel trapped?
Let me Help You Rediscover Your Freedom.
I divorced at 58, and now belong to myself.
If I can do it, so can you!
Let me help you find your purpose and become your own best friend.

Click the cover to buy on Amazon

Recent Posts

  • Will Robots Help Us Age at Home? The Future of Robots for Seniors
  • Do You Really Want to Live to 120? The Truth About Healthspan vs. Lifespan
  • I’ve Forgotten How to Drive — My Tesla’s Drives Better Than Me

Also Available At:

Latest from the blog

  • Will Robots Help Us Age at Home? The Future of Robots for Seniors
  • Do You Really Want to Live to 120? The Truth About Healthspan vs. Lifespan
  • I’ve Forgotten How to Drive — My Tesla’s Drives Better Than Me
  • Why I Quit Dating Apps at 68—And My 35-Year-Old Son Has the Same Problem
  • Solo Cruising Doesn’t Mean You’re Alone

Top Posts

  • 11 Reasons Why "Just You" is the Best Solo Travel Company
  • My First Basotho Funeral
  • "My Gutsy Story" by Keren-Niccole Bunnell
  • Vote for your favorite September "My Gutsy Story"
  • “My Gutsy Story®”Jan Marshall
  • Privacy Policy

Copyright © 2026 · Beautiful Pro Theme on Genesis Framework · WordPress · Log in

Loading Comments...