The last few days weren’t exactly part of my travel plans or ideal street food indulgent adventures…
I extremely apologize if you visited my website on Saturday Feb 19 and were redirected to an unknown unassociated site.
I had just partaken of a satisfying lunch and I was all ready to crank out some more online work.
I clicked on my latest article, the internet thought for a moment, before my browser displayed a little message at the top of the screen reading “this page has been moved.” Another millisecond later and an erotic porn site was displayed.
That’s when the hair on my arms perked up and my entire body entered a state of panic.
I opened my dashboard to find an unknown script redirecting my articles to malicious advertisements; the work of a hacker.
I jumped on skype to have a word with my host and find out if any security on their side had been breached. They informed me things were secure and confirmed that my file permissions were also in the safe.
I frantically searched on Google for an explanation and described my problem in a bunch of online forums. A few hours later there were some responses from the wonderful side of the online community and a number replies from other website owners with the identical virus latched into their code as well.
Not exactly knowing what to do, I headed to my server and restored my entire account to 4 days previous, deleting only a tiny bit of my saved content. I swiftly changed passwords on my databases, FTP, wordpress, and updated my wp-config file with fresh API codes.
The tactic worked, though I was hesitant to click on an article, hoping to see the intended post and not an explicit sex act. I ran my site through a number of scanners and to my relief, the results came back negative.
By this time, Google had put a red flag on my site to warn others against visiting, but now my site was clean. I quickly re-submitted to Google, as my site traffic was beginning to plummet.
I’m still not exactly sure how the virus entered my code, but I think it could have been a result of a spam comment that confirmed acceptance through the spam filter, somehow WITHOUT my consent.
If you get hacked on WordPress, it’s important to first stay calm in order to actually read some information before acting. There will almost always be a similar case that has been written about previously. I took the time to read through the FAQ My Site was Hacked.
I added some new security plugin’s recommended by supportive Travel Bloggers and I have now hopefully beefed up the protection on my site.
WordPress Plugins:
- WP Security Scan – Scans your site for possible vulnerabilities and warns you of them
- Theme-Check – Checks out your theme to make sure it’s up to standard with WordPress
- Growmap Anti Spambot – It’s not nearly as annoying as a captcha but hopefully it will be effective at humanizing my comments by needing to check a box before commenting.
Note: Now you will need to check the small box, to leave a comment! Hope it’s not too inconvenient!
If you ever run into a virus or malware situation on your website and need professional help, check out Sucuri Security. To avoid making an under panic decision about modifying something, it can be worth it to let a professional take care of it. They also offer a free security check to make sure you site it clean of malware.
As a word of advice, make sure to backup all your files frequently, maintain all updates necessary, and make your passwords complicated with random characters and letter combination’s. Anil over at FoxNomad has some great internet security advice.
Since my traffic dipped and I hadn’t done any usual updates, I decided this would by my opportunity for a much needed site redesign.
So in the sleepless course of 72 hours or so, I added a new customized theme and new feel to the old Migrationology. I’m still smoothing out the edges and working to make sure it’s compatible and everything works.
If you notice any glitches or have any suggestions to throw my way, I would be grateful.
Again, I express my deepest apologies to those who were redirected to a random site when visiting Migrationology.
– Migration Mark
Get exclusive updates
Enter your email and I'll send you the best travel food content.
Mark Wiens
13 years ago
@Andrew: Yah, it’s not the most fun situation…I really hope everyone is spared from having to deal with any virus’s.
Andrew Murray
13 years ago
Loving the new theme Mark!
Thanks for recommending the security plugins. I didn’t realise this was a major problem…I think I’ll check them out now…must have been a nightmare to sort out whilst your ‘in the thick of it’!
Mark Wiens
13 years ago
@Ayngelina: Thanks, when something like this happens it sure makes one realize the importance of backing up!
@NVR Guys: Wow, that must have been terrible losing that much data and so much work. I will join you guys in becoming a backup evangelist!
The NVR Guys
13 years ago
That feeling you describe – the hairs standing up on your arm – is horrible. Sorry you had to deal with that. Glad to see that you were able to recover so quickly and that you didn’t lose much of your data.
Having once lost our website (and several years of posts) a while back, we are now back-up evangelists. Everything gets back up to external hard-drives and the cloud. You just can not be too careful because the data is irreplaceable.
Thank you in advance for this information. Hopefully we will never have to use it.
ayngelina
13 years ago
So sorry to hear that Mark, it makes me realized how vulnerable I am as well.
Good to see everything worked out and the site is back up.
Mark Wiens
13 years ago
@Corrine: Thanks a lot Corrine!
@Christy: Thanks, so you guys probably know all about that dreadful feeling as well. Have you since changed hosts?
@Pete: Yah, for the last 3 days, that’s been a great plugin already. I’m barely needing to clean out any spam folder anymore!
Pete
13 years ago
Yikes that sucks that you got hacked but glad that you are back up and running. We have had some luck so far, but thanks for the tips for the Growmap Anti Spambot. Going to look into that for sure. Cheers!
Christy @ Ordinary Traveler
13 years ago
Sorry to hear you had to deal with hackers! We had this happen a few months after we started our site and it wasn’t fun. Ours was actually because of our host (GoDaddy) who are not known for their security. I’m glad you are up and running again. The site looks great!
Corinne @ Degustinations
13 years ago
Good to have you back, Mark, and sorry you had to go through all this angst. I like the new look and look forward to more food adventures!
Mark Wiens
13 years ago
@Laura: Thanks for the comment!
@Alex: Yes, it’s good to be prepared and keep backing up your information!
@David: Thanks David! These kinds of malware situations are horrible, but since there are so many cases worldwide, it helps that others have previously figured out how to get rid of it. Hope your friends site is in the clear as well.
@Kelly: Thanks Kelly!
@Laurel: Malware viruses are designed to exploit the tiniest of holes in your system. It’s important to have a good backup and try not to panic!!!
@John: Right about that! Glad you enjoyed the video, thanks for checking it out!
@Christy: Hehe, thanks so much!
Christy @ Technosyncratic
13 years ago
Ha, I had thought you just decided to give your blog a new spin on things. 😉
Seriously, though, that sucks and I’m sure the panic you experienced wasn’t fun. Glad you got it straightened out, tho. 🙂
John in France
13 years ago
Stay calm! Easier said than done! Good article and advice following your bad experience here. BTW enjoyed your video!
Laurel
13 years ago
Sorry to hear about this, and I’m surprised to hear that a blog would be hacked, good info though in case it happens, as I think my first response would be to panic.
Kelly
13 years ago
Ugh, what a drag! So sorry you had to go through that! But I’m really liking the new look of the site and can’t wait to see more!
David @ Malaysia Asia
13 years ago
Heya Mark, you too huh? A friend of mine got a similar attack and just fixed it today. BTW, love the new look too.
crazy sexy fun traveler
13 years ago
So sorry for what happened! Glad you sorted it out though. Now it seems I will have to download the plugins you recommend, too!
Laura
13 years ago
Sucks! I’m glad you’ve got it sorted out, and hopefully stuff will pick up again soon.
Mark Wiens
13 years ago
@Kat: Great that you are backing up your site weekly, you never know how important backing up is until you NEED it!
@Inka: Great, I will definitely keep it green and yellow! Yes, getting in to the mySQL databases and other serious information takes some expertise. If it would have gotten too much more technical, I might have gone for some pro assistance.
@Renee: Yes, even if a site seems pretty secure, there’s always a chance for something to slip up or a virus to find a hole. Great, I hope these plugins will help!
Renee
13 years ago
I’m so sorry to hear that happened to you, Mark. I guess none of us can be too careful, there’s always someone out there with lots of time on their hands. I appreciate the tips that you gave on how to protect yourself. I’m going to start downloading those plugins right now.
inka
13 years ago
How aweful. I admire that you knew what to do. I wouldn’t have a clue, I just rely on my webmaster and if anything goes wrong I come running. Honestly, I don’t undertsand even half the terminology. As to the new design: as long as you keep the green and yellow color scheme I like it.
Kat
13 years ago
Grah. That’s scary. I just upgraded to WordPress, my own host and domain from using Blogger. Security breaches weren’t my worry then because I trust Google’s servers.
Thanks for the links. I back-up my site weekly, and my friend helps me with the blog maintenance. Hope this doesn’t happen to you (or to anyone!) again.