The Quill was hacked. Did you notice Russian lettering in many of my social streams?
“Tom, don’t let anybody kid you. It’s all personal, every bit of business.”
All things come down to The Godfather, right?
I’d been working on a writing project when my emails started flying in and Google+ and Facebook notices started piling up.
I opened the first email, “Lee, I think your site was hacked.”
The second, “There is something going on with your site.” This coming from all sectors of my social life.
So I checked it out.
I saw about 350 new administrators, including me! I deleted all of them and the posts they had created, changed my password and notified my hosting site and spent the rest of the night cleaning up my social streams
Murphy’s Law is as true as the Law of Gravity
My computer was in the shop (of course) so I spent the rest of the evening deleting posts off of my social feeds and then crawling into the back pages of my computer and deleting the (new) subscribers that had signed up in a concentrated attack (throwing their grammar laden posts out with them. I of course changed my password in the process.
I also started the calls for help. There was no way that I could get rid of these hackers without help. No one around me was proficient in coding, social media, et al. The fix given to me by my server didn’t work. Their reason for the invasion was off as well.
The first thing I thought about was you. Yeah, you’re supposed to say that all of the time and it sounds trite, but I’m serious. I was lost without my computer. I was concerned that your emails were getting swamped with spam. I started calling subscribers that I knew and asked what was going on with their email. I called hosting but I was not getting to the problem because I had no computer. Murphy’s Law struck again. The host company thought they had fixed the problem but it hadn’t. And now I could no longer log into my own page.
Of course, I knew this wasn’t personal. They weren’t targeting me; they were taking advantage of a vulnerability (which occurred as I switched from one theme to a live version of another).
But, like the Godfather, everything feels personal whether it’s business or not.
Make sure your sign-in name is not “admin”
This is the first thing hackers look for when trying to break into your site. Then they will try and look on your social feeds to find something familiar only to you that you might use, like your first name or the name of your pet. Be aware of this. You cannot change the name after it is in the server. But you can make your password a triple barriar.You can also install a captcha plugin so it is even harder to get inside by a coded bot or mischeovous hands.
* For the record, I changed the “admin” at the sign in page to another passcode, which is what all of the security pages encourage you to do from the beginning. If you haven’t done this, please do it asap.
What to look for in wordpress plugins
Please be aware that this could happen to you as well First, change your password.
Especially after Heartbleed. if Google got hacked, someone could hack your site as well.Make sure that all of your plugins and themes are up-to-date with a code fix after Heartbleed. If you are looking to download plugins, make sure that they are also updated after Heartbleed. To check this, read the “detail” info on a plugin before downloading and look to the right in the box to see when the last update was, making sure it was after the latest problem and that it will fit with the theme you are using. Also, look to see ratings and how many websites have downloaded this plugin. I always go for the five star plugins. Make sure you have Wordfence or one of the paid security plugins. You, as the webmaster, must do your due-diligence. My window was when I switched and went live with another theme and then switched back again late at night because my old theme offered more so I had to reset everything on my site. Again. But somewhere in the world, there was someone looking for a free ride on the blogosphere and found it, and me, at the moment when I was most vulnerable.
For security plugin, I use Wordfence Security. It lets me know if there is an update needed ony site or if there was an attack of 10 or less (the number I set it at) to my site. It keeps an eye out for me. It’s brilliant.
Don’t let this happen to you.
To help you make sure you are covering your…bases, this is a top-notch article on safety:
For general security advice, check out Chris Wiegman’s site for great references.
That one known hacker from Korea will not be able to visit my site after installing this plugin basically banishing him from my site: WP Ban
Troy Hunt: Lessons in website security anti-patterns by Tesco use this plus all other 27th reminders
Back-up your site
You know this already but have you done it? If not, just go to the “add plugins” section on the back end of your site and hit Updraft Backups. It’s a free plugin but also a good one. If you feel more comfortable with a paid one just do a search for your budget and plug it in. Your site will be backed up by the time you wake up tomorrow.
Years and years of work to get great connections on Google Plus and to build up to Google Authorship for this?
Soon after, I had typed in my “admin” address for the back side of my site. In Chrome the url bar is also “search in Google”.
Whatever I typed in, obviously tied to “admin” brought up my profile and number of people in my circles and a page with all of the information on getting into the backdoor of sites. It was extremely jarring, my face–which is your “brand” as an author–right next to the post that discussed how to use loopholes, for any site and for servers. (My server has since closed that loophholes.) It brought back all of the heartrending minutes upon hours stretched into days where I was deleting one “post” after another, thinking of all of the years that I worked on learning about google authorship and then putting codes in the header (without breaking the site) and the years of research and writing …it just drained my spirit.
At least my site ended up #1 on the first page of Google for hacking into my site. I would expect nothing less.
My site had become not only was an outpost for paid postings but also a forum for the hackers and a way for them to touch base. Even after I had raided them and killed them dead they would send me messages from the contact page; spamming my site and crunching Askimet, my email host, and my patience.
Each time I logged into my site to update plugins there were hundreds of comments, apparently since they were only able to get at the site from the front of the page, they would still leave comments with many, many links so if there were any hackers living and they saw the comment, they would be able to regroup, if all went well, at the newly hacked site.
But you and I are going to make sure our business doesn’t get too personal from hackers that are deficient in morality.
The next post I have written for you is a tutorial on what you need to so behind the scenes to make sure your site stays away from the lesser-ones and I will give you a great many tools for you to help you be an even better webmaster.
I do want to thank you for all who hung in there, aware in generalities of what was going on and sitting patiently through it all. I very much want to hear from you. Were you overloaded with spam or worse, had control of your site taken away from you? Please let us know how you handled the situation. And thanks again for being my loyal subscribers. After this next post, I have the Monster Book Marketing Post coming soon after the Webmaster post!