Hazard! Caution! Warning! Actung! Attenzione!

• Posted on March 20, 2014March 20, 2014
• by Karen Fayeth
• 6 Comments

So there I was a week ago on Tuesday, sitting at my desk and having one of the worst days at work in recent memory. There were all kinds of bonfires burning brightly on my desk. Still are.

So much so that in a recent hot project review with my manager and all of my peers, the Boss Lady remarked “wow, you have all of the really awful problems, don’t you?”

She is fairly unflappable and not easily worried by the bonfires that my job brings, so her concern means I am seriously up to my eyeballs in alligators.

As the day progressed like a hammer to the head of a nail, I decided to sit back for a few minutes and look at some personal email by way of distraction.

That is when I found an email from someone I don’t know, a Good Samaritan if you will, letting me know that my sweet Oh Fair New Mexico site had been hacked.

Oh joy. Just exactly what I needed.

This was, in my opinion, a particularly insidious hack. It was done so cleanly that I never even knew it had been hacked. Google “WordPress Pharma Hack” and read the pages and pages devoted to this really clever little invisible hack.

Instead of fiddling with my content or the front page of my blog, the intruder created something on the order of hundreds of offshoot pages from this blog. Those pages purported to sell all variety of fun pharmaceutical products, stove tops, waxing kits and more.

I suppose I should have guessed I was hacked when my website began to slow to a crawl. Then recently I noticed I couldn’t reach my website from my home network. A ticket raised at my hosting provider said “No, your blog is up and running.”

Turns out my ISP had blocked my infected web page. My blog continued to slow down even more. It began taking several long seconds to load.

I feel sort of sheepish that I didn’t figure this out for myself. The signs were there. I make a living in the tech industry, but when it came to my own blog I was a silly little twit.

So after receiving the bad news I:

1) freaked out, then

2) contacted my hosting provider who had done me the service of setting up my blog originally

Within about twenty minutes they had replied to my ticket and did their part to clean out all of the offending sites. I checked several of them to be sure they were shut off. A bit of Googling around showed me that I had been hacked going back into last year. Hoo boy.

Then I had to raise another ticket because I noticed that my usual log in page redirected me to a page that looked exactly like my log in page but had a different URL. Thankfully I did notice that in the URL line on my browser.

My hosting provider responded by giving me another way into my blog. Once in, I realized that my hacker friends had set up no less than five admin accounts on my blog and one more that was invisible. I could only tell that by seeing that I had one (1) line item for users but the count in the header of the page said I had two (2) admin accounts.

Hell, I never check my admin page, but I should have.

So I did a lot of research and I learned about PHPMyAdmin and I got new keys from WordPress to make sure if the hackers were still logged in it would crunch their cookies and I changed passwords.

And I freaked out a little more.

Then I went to Google and signed up for their webtools (as suggested) and ran through the process so I could get the “this site may be hacked” message to not show up in search results for my little blog. That seemed to work fairly quickly.

And then I freaked out less but still felt anxious. And I kept working on cleaning up the mess that was left behind.

It all feels so…dirty. I mean, I don’t get a ton of traffic to my little blog but it’s my tiny corner of the internet and this week I celebrated my seventh year of blogging. Over half a million words.

A lot of fun has been had. By me at least.

From all of this, I have learned that WordPress blogs are particularly hackable. I have also learned that some hosting providers are also particularly hackable.

I have some other things I want to do to better secure my blog, but I certainly can’t promise I won’t get hacked again.

In fact, based on my research, I probably will get hacked again pretty soon until I get better security on my pages.

I may have to just shut down the blog entirely, but for now, I’m back up. It seems to be running a little quicker. I do regular backups on the blog but I did another just to be cautious.

So there you go. For today I’m back to blogging and not selling.

I like it here. Oh Fair New Mexico makes me happy, and for the few but loyal readers I have, I hope it makes you happy too.

Meanwhile if you came here because you want to buy some good drugs off the blog, the bad guys are no longer in business at this location. For now, anyway.

__________

*Special thanks to the kind reader who tipped me off about the hack. I am quite grateful to you.

**Humorous side note: When I told The Good Man that I had been hacked he went to look at the blog. He thought my kooky post about big cats liking Calvin Klein Obsession cologne was the work of the hackers.

Lol! I had a hell of a time convincing him that I wrote it. *grin* They can’t all be winners.

Image found here.