Hacked

:

This week started off interesting. As I woke up in the morning, I began to start a new entry when for some reason I couldn’t access my admin page. I didn’t really have time to do anything about it because I was running late and just ran off to work. Later, I found my blog showing a different page and Dylan Goldby also sent me a message informing of this strange looking page.

By the time that I got Dylan’s message I was in full research-mode trying to figure out how they got in. Was I using a randomly chosen password check! Was I using the latest version of wordpress check! Was everything else up to date check! So now what? First of all, I had to get access to my admin page and change the password.

This week started off interesting. As I woke up in the morning, I began to start a new entry when for some reason I couldn’t access my admin page. I didn’t really have time to do anything about it because I was running late and just ran off to work. Later, I found my blog showing a different page and Dylan Goldby also sent me a message informing of this strange looking page.

By the time that I got Dylan’s message I was in full research-mode trying to figure out how they got in. Was I using a randomly chosen password check! Was I using the latest version of wordpress check! Was everything else up to date check! So now what? First of all, I had to get access to my admin page and change the password.

With the password reset and access to the admin panel I felt a little better. The next step was follow the 10 steps to repairing your blog by Douglas Karr which helped me immensely. With in a few moments I had the blog backed up and I started looking through the files to try and see where the redirect came from. I found out that the hacker had rewritten two files in my theme (index and home). Thankfully, I had all the fresh clean files on my computer and by replacing them, the hack was gone without destruction to my blog.

A few things that I learned from this episode. First, keep your site up to date. Even though mine was up to date, it is common for people to not be bothered by the frequent requests to update their site. Second, the common places for the hacks to put their codes are in the index.php files, home, and headers. In my case, both the index and the home files looked a little strange because they were so small. It was easy to see where the code was. However, sometimes it is buried deep in your files and you have to go through it line by line to see where it is.

Finally, whether you have purchased a theme like I did or you are using a basic one, keep a backup clean copy on your hard drive. That way, you can replace the damaged files without any problems. Thankfully, this was an easy fix and very little downtime. Dylan, thanks for the heads-up!

 



Leave a Comment