This post is about the business of blogging. I don’t often post about the business of blogging so if you aren’t really interested in the business of blogging, I would appreciate a visit to two of my latest favorite posts: A Pile of Shoes about my pile of numerous traveling bridesmaid shoes and A Visit to Hanauma Bay 21 Years Apart.
How I Found Out I was Hacked
Last Wednesday afternoon, I was cleaning my house and took a break to check my email. There was a message from one of my blogging buddies letting me know that she got a malware warning when she tried to visit my site. I thought that was strange so I checked my site and didn’t seem to have a problem. I wrote her back a quick note to ask her what the error looked like.
I called my hosting company and got someone who tried to be helpful but wasn’t really; however, he did a great job selling me on a purchase that needed to be done in the next few months but was certainly not a necessity at that moment. After taking my credit card number, he told me not to worry about it…we couldn’t see the error; it was probably not a big deal. In between that phone call and hearing back from my friend, I got an email from another friend and a direct message on Twitter from another. I knew this was a bigger problem than I or my hosting company had thought it was.
At this point, my site was completely inaccessible unless a reader chose to ignore the very scary looking malware message and click through the message.
To make matters worse, during this time I also found out that my other website, Pensacola with Kids, had also been hacked.
How I Found Out Exactly What the Problem Was
After calling my hosting company again and getting an even less helpful and not so polite person in technical support, I turned to the Internet and started researching what to do if your blog gets hacked. I found a few websites that told me that what had happened was some jerk found a way to hack into my blog and insert some code. I am not quite sure what the code did…whether it redirected someone to another site or if it was just an annoying little thing that Google found. It took me many hours through the night and most of the next day to figure out what exactly happened.
Reading website after website was not very helpful and they didn’t make much sense (did I mention I have a degree in Ed. Tech?). I finally came across Unmask Parasites. This site scans your website to tell you what might be wrong with your site. If you don’t have any issues, it will tell you that your site is clean. If you do have an issue, it will show you some code that you will need to find hidden in your website. There is a guide to dealing with the malware warnings from Google. I also followed a link in my Unmask Parasites scan report that took me to Sucuri website scanner. The scan from Sucuri was a little bit more comprehensive and gave me more clues as to what I was looking for (I believe both sites offer paid services if you have no luck taking care of it yourself!).
What it all boiled down to was a little piece of code about 25 characters long had been inserted into my website somewhere in the 30+ php files, 550+ posts, and more. Once I had the code, I at least had a direction to go.
How I Fixed the Problem
After my research and a
minor major freak out, I began pouring over the Two Kids and a Map files trying to find this teeny little thing that was ruining my entire day. After looking through several files, I finally just deleted my entire theme and uploaded the original files. Then, I started searching for the code. Luckily, uploading the original theme files fixed the problem but I wasn’t quite sure. At about 3am, I decided that there wasn’t much more I could do without sleep so I gave up and headed to bed.
With a little bit of sleep, it was time to figure out what was wrong with Pensacola with Kids. I decided to copy and paste the .php file code into a word document and use the Find feature instead of going through all of the .php files myself. Surprise! There was the malware code. I deleted it, checked the other files, scanned both sites again and decided they were clean.
After cleaning up your site, you have to submit it to Google for review via the Google Webmaster tools. After submitting, it only took about four hours to get a clean bill of health and then another few hours for the malware warnings to finally be taken off of my site.
What I Learned Along the Way
Do not freak out. That is what all of the websites said and they are right. The problem can be fixed. It might take some time (and money if you can’t fix the problem yourself) but the problem most likely can be fixed.
Deleting the theme files worked for me. This information could have saved me a lot of time and panic. I don’t advise doing this though unless you know what will happen because all of the articles I read said not to panic and start deleting stuff! This is exactly what I did…panic and start deleting stuff!
My websites mean a whole lot more to me than I thought they did. These sites are mine. They are a piece of my history now. They are stories of my family and our adventures and I don’t want to lose them.
If you see the Google Malware warning on a website, take a moment to send a message to the owner of the website. I would have eventually known that there was a problem but it might have been a few days. To be honest with you, I log in to the admin section daily but do not look at the homepage daily (I do now though!).
Back up your site. Do it now. I read all sorts of posts on the web about backing up my website but I never got around to it. My site is now backed up and I hope that yours is, too!
Update to the latest WordPress and make sure your plugins are updated. According to some of the posts I read, having an out of date version can leave holes for jerky hackers. I had not updated to the latest version of WordPress but I have now.