Story of a Hacked Site (and recovery)
My site was hacked this week.
I am a bit of a security nut. My passwords are always strong and complex. My site is regularly updated. In short, I follow all the recommended guidelines and all the security protocols I recommend to clients. Still, my site got hacked.
When I launched my site this week, I saw my menu items changed to all sorts of obscure links. Then it was gone and it looked normal. Just in case, I emailed my host requesting a malware scan. Sure enough they found it infected. I changed all my passwords, removed unnecessary plugins, removed extra accounts, updated everything. The host then started cleanup.
This is where the story really begins. Getting your website broken into happens. I have no idea why or what the purpose is but some times it happens. Just like our memory cards on our cameras fail and pro cameras have dual slots, it’s a matter of being prepared for if it happens to you.
Thankfully, I was prepared and my host is awesome. Within one hour, my site was backup and running.
Or so we thought…
I’m also very thankful to a visitor on my site for emailing me today to tell me she was redirected to an ad on Craigslist from my site. Apparently, there was still some infected files. I emailed my host, Flywheel, today on a Sunday. Within a few minutes they replied and were working on checking the site again.
Unfortunately, the malware affected my content this time, so we had to restore as far back as possible without losing too much of my recent content. I was able to copy and paste the text from a couple blog posts to make recreating them easier. Then we restored from earlier in the summer.
The key is that we had multiple restore points to choose from. I also have the awesome customer service with knowledgable techs to take care of cleaning the site. I could have lost years of content or I could have lost hours to the telephone getting shuffled around to someone who understood WordPress. Instead I lost about 10 hours worth of work. I mean this does absolutely bite and it means I have to start over on the redesign I was doing of my site, but I realize how much being prepared helped and am grateful to have only lost hours not days or years!
Do you have your site being regularly backed up with everything (files and database)? Do you have a way to handle it if something does happen to your site so that you won’t miss out on new clients and lose revenue?
These are things to definitely think about.
I’m hoping this story ends here, but am waiting before I do anything more on my site, just in case. Once I’m sure everything is stable again, I’m going to finally get to making my two sites (jessiemary.com and this one) into one. Stayed tuned for a new design and an easy to navigate experience.