Be ready or ….
This is a very personal post. First of all, my dear readers, I’d like to inform you that my blog was the victim of a hack. You might have wondered in the past few days why my website did not respond or showed an error. Yes, this happens not only to banks and big online businesses, where the hackers are proud to show how strong they are, but also to small websites and blogs which help other people and readers find their way in the very complex world of virtualization. It’s pretty sad and ugly, but it happened.
I’m certainly not the first one to get a blog hacked. This can happen to anyone, so read on if you want to be better prepared than I was. In fact, I wasn’t prepared at all, and for me it happened in the worst possible moment.
It’s the WordPress database which got hacked, and in the worst possible moment, when I was moving from one place to another. Do you know Murphy’s Law? If not (or yes), read my experience….
– If anything can go wrong, then you can be sure that it will.
– If anything could happen to your blog while you are left without a computer, then it will.
– If anything could break down while you’re left without Internet access, then it would.
– If anything could go wrong with your WordPress database backup, then you can be sure that it will happen in the worst possible moment.
– If anything could catch you unprepared to restore (I was testing different backup solutions for a blog and changing the backup strategies at that time….), then you can be sure that it will.
– If anything could happen when moving to live in a different place (so obviously you’re unsubscribing your DSL Internet access and handing the DSL box to your ISP the day before you’re leaving), then it would.
– Once in the new place, you certainly have 1 000 000 things to worry about, then……. hacked blog….
Now, how did it all happen? I received an e-mail from my webhosting company saying that my website got hacked…..
“Your site has made an excessive amount of bandwidth. For the past days you have made bandwidth of 1TB and caused flood on our network”
Also, I think that the database could have been (and was) infected a long time ago, so restoring a recent backup would just not make sense, since the recent backups would have been corrupted with the malicious code as well. How do you find the way out of a situation like this? Not easy. That's why I was taking time to recover and collaborated with my support team.
Once back online, I was wondering about some BCRD plans for blogs or for websites on a budget. I wonder what the disaster recovery strategies for a blog are. This is not a VMware environment and I’m not in charge of the backup/recovery tasks in this datacenter. I’m not responsible for that. My blog sits in some datacenter and I’m a customer. If you look carefully at your webhosting plan, nowhere is it written what happens when your blog gets hacked, and how the recovery process would work. The hosting guys can restore the whole VPS from backup, but without the granularity that you would need. They can mirror the installation onto another VM as well, but you can’t really ask them to do more. Or at least not during their working hours… -:).
Fortunately enough, I found myself a supporter in the Hostcolor team. He did not want to be named in this article. He was able to clean my WP database of the malicious code and get me back online. And because he was working on it in his free time, it took a bit longer than it usually would if I were a big company.
Now that I’m back, with new experiences (I did not ask for them), I might reconsider the backup/recovery strategies and will look and ask around how you guys are doing your backups of the WP database…? I must say that my WP database is about 50 Megs. Not small. The problem is not only the backup, but also the restoration, because you are limited when it comes to importing a large exported .SQL file. You can change it in the php.ini configuration file, if of course your hosting company gives you shell access. You can be pretty sure that you won’t get shell access while on shared hosting.
Off-site backups – sure, but with which solutions? One must think about offsite backup for a blog. It means a backup of the MySQL database and a backup of wp-content – flat files (at least). The backup of those flat files should not be a problem, even though I tried some WP plugins where some worked while others just generated huge CPU and network loads…
The backup is not a real challenge, but the restoration might be. Especially when you have to use a shared computer or you’re left with bad or nonexistent Internet access…
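When an infection may be older than the most recent backups, as described above, the restore question becomes which retained dump is the last one that predates the injected code. The following is an added example, not code from the original post or from any of the plugins listed here: it scans dated `mysqldump` exports for a few common injection indicators and reports the last dump to trust. The indicator list, the function names, the sample dumps and the hostnames are all assumptions made for illustration.

```python
import re
from datetime import date

# Heuristic indicators of injected content: an assumed starter list,
# not taken from the incident described in this post.
OBFUSCATED_PHP = re.compile(r"eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\(", re.I)
HIDDEN_IFRAME = re.compile(r"<iframe[^>]*display\s*:\s*none", re.I)
SCRIPT_SRC = re.compile(r"""<script[^>]*\bsrc\s*=\s*[\\"']*(?:https?:)?//([^/\\"'\s>]+)""", re.I)
INSERT_INTO = re.compile(r"^INSERT INTO `([^`]+)`")

def scan_dump(sql_text, allowed_hosts):
    """Return sorted (table, indicator) findings for one mysqldump export."""
    findings = set()
    for line in sql_text.splitlines():
        m = INSERT_INTO.match(line)  # mysqldump writes one INSERT per line
        if not m:
            continue
        table = m.group(1)
        if OBFUSCATED_PHP.search(line):
            findings.add((table, "obfuscated_php"))
        if HIDDEN_IFRAME.search(line):
            findings.add((table, "hidden_iframe"))
        for host in SCRIPT_SRC.findall(line):
            if host.lower() not in allowed_hosts:
                findings.add((table, "script_from_" + host.lower()))
    return sorted(findings)

def last_clean_backup(backups, allowed_hosts):
    """Return (last clean date, first flagged date), scanning oldest first."""
    last_clean = None
    for day in sorted(backups):
        if scan_dump(backups[day], allowed_hosts):
            # Later dumps are not trusted even if they scan clean:
            # injected code may have changed form.
            return last_clean, day
        last_clean = day
    return last_clean, None

# Constructed sample dumps (weekly retention); hostnames are placeholders.
POST = "INSERT INTO `wp_posts` VALUES (1,'Hello','<p>Welcome</p>"
SAMPLE_BACKUPS = {
    date(2020, 1, 6): POST + "');\n",
    date(2020, 1, 13): POST + "<script src=\\\"https://cdn.blog.example/app.js\\\"></script>');\n",
    date(2020, 1, 20): POST + "<iframe src=\\\"http://injected.example/\\\" style=\\\"display:none\\\"></iframe>');\n",
    date(2020, 1, 27): "INSERT INTO `wp_options` VALUES (9,'widget_text','<?php eval(base64_decode(\\'AAAA\\')); ?>');\n",
}
ALLOWED_HOSTS = {"cdn.blog.example"}

if __name__ == "__main__":
    print(last_clean_backup(SAMPLE_BACKUPS, ALLOWED_HOSTS))
```

A scan like this only helps if old dumps are still retained, so the retention window has to be longer than the time an infection can go unnoticed.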
Recommended WordPress Plugins – A few plugins I would recommend in order to feel more protected, and to get a scheduled backup of the WordPress MySQL database:
– WordPress Security Scan – https://wordpress.org/extend/plugins/wp-security-scan/
– WordPress Antivirus – https://wordpress.org/extend/plugins/antivirus/
– Exploit Scanner – https://wordpress.org/extend/plugins/exploit-scanner/ (It scans WordPress files and the database and highlights all code which may be suspicious.)
– WP Malwatch – https://wordpress.org/extend/plugins/wp-malwatch/ (It scans a WordPress theme and other files for malware. It scans for hidden files. It can analyze .htaccess and all uploaded files, so you are secured while uploading a file.)
– WP DB-Backup – https://wordpress.org/extend/plugins/wp-db-backup/ (It allows you to easily back up your core WordPress database tables. You may also back up other tables in the same database.)
Take my lesson as if it were yours. Learn from my experience. If you run a blog – you're vulnerable to hackers. If you don't have any
I'm just quite disappointed with that…. Blogging is fun, but not when being hacked… -:(.
Andy G says
Glad to see you back online Vladan
Sorry for what happened to you.
Never think it couldn’t happen to me.
Vladan SEGET says
Yep, bizarre, but true…. True story…