I think this blog hack is under control (knock wood)

Blmurch, via Flickr (CC license)
Yep, spammers are asses. And evil, in a mostly banal sense. Grumble….

Over the last few days, and especially this morning, I’ve been wrangling with fixing a hack done to this blog by a spammer. It’s been pretty stressful, but Tom Vilot and other helpful geeks have been absolute angels in helping me figure out this server-side crap. Thanks, all!

For now, I think we’ve probably neutralized what this hacker has done. But I’ve got a contingency plan in place to rapidly relocate this blog to another server should new problems from this hack arise. If problems do arise, I’ll probably have Bluehost create a new account for me, reinstall WordPress, repopulate the blog’s database, etc. A hassle, but not unrecoverable.

Lessons learned. These mostly apply to WordPress blogs, but can have wider applicability…

  1. Always use secure access (https://) for any site that requires a password. Over plain http:// the password travels across the network in the clear, so a home firewall doesn’t protect it once it leaves the house; just make https:// the norm, whether I’m home or on public wifi. I am investigating getting an EVDO card for mobile web access, but I think that might not be possible for a Macbook. I might have to wait until I upgrade to a Macbook Pro for that.

  2. Always keep an up-to-date backup of my blog: the database as well as other content like images or audio/video. This makes a quick restore not only easier, but possible. If possible, arrange this as a cron job to secure copy (scp) the content to another server, so the copy lives somewhere the compromised server can’t reach. Don’t just rely on a WordPress plugin to e-mail the backup to you. WordPress plugins can be hacked. That’s what happened to me.

  3. Check regularly for plug-in updates. Hackers exploit vulnerabilities in popular tools like plug-ins. Plug-in developers generally patch these vulnerabilities and release new versions of the plug-ins as these vulnerabilities are revealed. It seems like so far there’s no automated way to check for WordPress plug-in updates (but I’ll keep looking for that). However, it’s worth doing a manual check of this once a week or so.

  4. Just because it sucks doesn’t mean it’s personal. Most spammers and hackers are sheer opportunists. This blog hack probably wasn’t personal, even though it damn well feels personal. Just like when someone breaks into your car. It’s hard not to take it personally. I’m definitely pissed off, but I can let that go.
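The cron-and-scp backup described in lesson 2, as an added example rather than anything from the original post: it dumps the database using the credentials already in wp-config.php, archives wp-content together with the dump, copies the archive to a second server and checks that the bytes that landed match. The WordPress path, the backup host, the `backupbot` account and the file names are assumptions to adjust for your own hosting.

```shell
#!/bin/sh
# wp-backup.sh: dump the WordPress database and archive the content
# directory, then copy both to a second server with scp.  Added example,
# not the blog's own script.  WP_ROOT, the backup host and the "backupbot"
# account are assumptions; set them via the environment or edit them here.
set -eu

WP_ROOT="${WP_ROOT:-/home/example/public_html}"               # assumed WordPress install
BACKUP_DIR="${BACKUP_DIR:-$HOME/wp-backups}"                  # local staging area
REMOTE="${REMOTE:-backupbot@backup.example.net:wp-backups}"   # assumed off-site target
KEEP_DAYS="${KEEP_DAYS:-14}"                                  # how long to keep local copies

# Archive name from the UTC minute, so two runs never overwrite each other.
backup_name() {
    printf 'wp-%s' "$(date -u +%Y%m%d-%H%M)"
}

# Pull one define() value out of wp-config.php instead of hard-coding DB
# credentials in the script.  Usage: wp_define DB_NAME /path/to/wp-config.php
wp_define() {
    sed -n "s/^[[:space:]]*define( *'$1', *'\([^']*\)' *);.*/\1/p" "$2" | head -n 1
}

# Tar up a directory tree (uploads, themes, plugins, and the SQL dump dropped
# beside them) so everything needed for a restore is in one file.
# Usage: archive_tree /path/to/tree /path/to/out.tar.gz
archive_tree() {
    tar -czf "$2" -C "$(dirname "$1")" "$(basename "$1")"
}

# Portable checksum (cksum is POSIX); compared against the remote copy after scp.
checksum_of() {
    cksum "$1" | awk '{print $1, $2}'
}

# Full run: dump DB, archive, copy off-site, verify the remote copy, prune old
# local archives.  Only executed when the script is invoked with "run".
run_backup() {
    name=$(backup_name)
    work="$BACKUP_DIR/$name"
    mkdir -p "$work"

    # Stage a copy of wp-content and the DB dump under one directory.
    cp -R "$WP_ROOT/wp-content" "$work/"

    # Hand mysqldump its credentials through a mode-600 options file so the
    # password never shows up in the process list.
    cnf=$(mktemp)
    chmod 600 "$cnf"
    printf '[client]\nuser=%s\npassword=%s\nhost=%s\n' \
        "$(wp_define DB_USER "$WP_ROOT/wp-config.php")" \
        "$(wp_define DB_PASSWORD "$WP_ROOT/wp-config.php")" \
        "$(wp_define DB_HOST "$WP_ROOT/wp-config.php")" > "$cnf"
    mysqldump --defaults-extra-file="$cnf" --single-transaction \
        "$(wp_define DB_NAME "$WP_ROOT/wp-config.php")" > "$work/database.sql"
    rm -f "$cnf"

    archive_tree "$work" "$BACKUP_DIR/$name.tar.gz"
    rm -rf "$work"

    # Copy to the other server and confirm the bytes that landed match.
    scp -q "$BACKUP_DIR/$name.tar.gz" "$REMOTE/"
    local_sum=$(checksum_of "$BACKUP_DIR/$name.tar.gz")
    remote_sum=$(ssh "${REMOTE%%:*}" "cksum '${REMOTE#*:}/$name.tar.gz'" | awk '{print $1, $2}')
    if [ "$local_sum" != "$remote_sum" ]; then
        echo "remote copy of $name.tar.gz does not match local archive" >&2
        exit 1
    fi

    find "$BACKUP_DIR" -name 'wp-*.tar.gz' -mtime "+$KEEP_DAYS" -exec rm -f {} +
    echo "backup $name.tar.gz verified on ${REMOTE%%:*}"
}

# Cron entry (nightly at 03:17; add it with `crontab -e`):
#   17 3 * * * /home/example/bin/wp-backup.sh run >>/home/example/wp-backup.log 2>&1
case "${1:-}" in
    run) run_backup ;;
esac
```

Two things worth getting right on the receiving side: give `backupbot` its own SSH key and nothing else on that host, so a key stolen from the blog server can't be used for anything but dropping files, and keep several generations of archives rather than one, since a backup taken after the break-in may already contain the attacker's changes.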

Most importantly, this experience shows the value of befriending geeks, and of having a generally collaborative and constructive attitude when dealing with people online. People really came to my aid here, and I am grateful.

7 thoughts on I think this blog hack is under control (knock wood)

  1. Good to know you’re back at “yellow” alert only. I use WordPress 2.3.1. The plug-in display in the admin screen will warn you if the WordPress codex has an updated version of your plug-in available. (Obviously, the plug-ins you use must be hosted by WordPress.org for this update warning to happen.) It’s not an automatic email update, but it’s better than my old click-the-website-for-each-plug-in method.

  2. The other really useful tool is the WordPress Automatic Update plugin (available from the WordPress site), which makes staying up to date really easy. It also does a database and file backup you can download at the same time.

    As for mobile broadband, there are USB devices sold by some carriers that do work with the Mac, though you do need to make sure they have updated drivers if you’ve updated to Leopard, as people have had problems. They work fine under Tiger.

    Good tip re. always using https over http. I do it for Gmail but sometimes forget for other things. Time to fix that for all my WordPress installations at least.

    And I’m definitely sticking around here, I like what I read 🙂

    – Neil.

  3. Jeremy, Neil, thanks for your support through this techno-hassle. My plug-ins are from wordpress.org — just reinstalled them all to the latest version.

    I might try that WordPress automatic update plugin too. Because of one oddity of how my site is hosted, I just want to check with my top geek mentors first on that.

    Thanks, guys

    – Amy

  4. Except for making sure Akismet works, I think we’re out of the woods. Plus I have implemented most of a good backup system that backs up not just the database, but all content, incrementally.

  5. Pingback: contentious.com - Having trouble posting comments to this blog?

  6. Pingback: contentious.com - Dammit, this blog has been hacked again!
