So, you may have noticed if you are ‘freinds’ with me on Facebook, or follow me on Twitter, that I, um, experienced some difficulty with my website today. It started when I noticed an unusual email with spam comments on my photo gallery. When I went to delete those comments, I could not access my site. It was redirected to some random, non-existent website. Problem, yes?
It turns out this is not uncommon, at least if you use WordPress. Hackers can access via password, not surprisingly, but they can also exploit a few geeky things without logging in to your admin account at all (think of it as a ‘loophole’). I suspect the latter is what happened to me. I’ll spare you the details, in part because I still do not fully understand what happened. If you host your own website, I highly recommend doing a little investigation into website security. There are some very easy steps you can take to keep your site protected.
The good news is that I believe I caught this early, and thus little damage was done. It was interesting to see how many extra pages it had created, including an online pharmacy (!). You couldn’t have seen these pages from the main eirejames site, but Google could have seen it. Plus any sites the hacker (probably an automated program). And that is the danger because Google flags you as a spam site, which is really tragic if you are not one.
Unfortunately, most sites, and my conscious, recommended deleting your entire WordPress install. So, if things look different around here, that’s why. Fortunately, it is easy to back up most of the work I had done and simply restore it, this time loophole free. And, while I was fiddling with getting things back up, I took the liberty of changing things a bit. Always fun, for me anyway.
The biggest loss is the photography gallery, which too could be resurrected. I, however, think I will opt not to recreate it as it was; it just didn’t fit in all that well. I’ll figure something out, and get those back up one of these days.
If you follow the blog via email, you probably will need to resubscribe: you can do that from the homepage, on the lefthand side. If you read via some other method, you may need to update that as well. Or you may not. And if you read whenever you see me post on Facebook, Twitter, or Google+, rest assured nothing has really changed.
I am long overdue for my class updates, and I have several other drafts I’m working on. But now, here in Ireland, it is late and I think I shall head to bed. Seriously though, if you host your own website, and use WordPress for content management/blogging, look into your security options. If you don’t, or blog via wordpress.com or blogger.com you should have nothing to worry about. Just keep your password safe (but you are doing that with all your passwords already, aren’t you?).