
WordPress Blog Hacked


Several days ago, I was shocked to see that my blog had been hacked. The message then showing on my homepage was some kind of picture (see image below) with a message from the so-called “Great Team.” There was also the unlikely inclusion of the country Libya in the static page, which made me question whether it was, in some way or another, related to the recent uprising in Libya and its retaliation against the U.S. Perhaps it is, but one thing’s for sure: my blog was really hacked.

My first plan of action was to contact my webhost. I first asked them whether it was an issue with their web servers or something directly concerning my WordPress blog. As I suspected, it was the latter. All I hoped at that time was that the damage was not that bad.

I finally got a reply from my webhost, and they said that only my theme file got hacked. Sigh! So I guess it was a minor case then. Or was it? Later on, they also advised me to troubleshoot some existing vulnerabilities in my blog and to ask for professional help from an expert web developer on how to prevent such issues from ever occurring again.

But even before I could contact a web developer, I was shocked once again two days later because my site displayed another message on a white background. It simply said “an error occurred, please contact support.” What the h*ll! Now I was really pissed. I think this was another hacking. But at that time I was a little composed because I always had my back-ups ready just in case.

For the second time, I contacted my webhost, and as always they responded quickly and told me that my blog had already been compromised as a result of multiple Trojan uploads. Well, this does not sound too good. The only resolution they gave me was that they had to delete all data on their servers related to my existing site and re-activate it for me to start from scratch. For some this may be just okay, but for someone like me who has made more than 1,000 posts already – this is not at all funny!

I had no other choice but to allow the site re-activation with all my files deleted, because my blog would still be compromised with possible backdoors if I just restored my old back-up. So what did this experience give me? Well, I learned to always check whether my plug-ins and theme files are approved by WordPress. I also learned that I have to keep my WordPress up to date, because I previously used WordPress 2.7 for more than 3 years without even updating to the current version 3.2 (as of September 2011). Thirdly, I learned that I should use hard-to-guess passwords for my WordPress admin log-in page, the cPanel for my webhost and all other accounts related to the blog. These are on top of the regular back-ups that I need to observe for my blog.

Hope this post, WordPress Blog Hacked, will also teach you how to prevent such attacks from happening to your blog.
