Internet Safety: Being Hacked


A while back one of my websites got hacked.  It was such a horrible feeling!  You feel violated, and a bit pissed off.  I did what I could to clean it up, and thought I was good.  Then I started checking out my Google Webmasters tools, and found some strange keywords that descirbed this particular site.  So then I really had to dig into it.  Every time I added back in a small line of code all of those links kept coming back and I could NOT find where it was coming from!  I started getting very mad, and ended up working on the issue for about 6 hours.  My kids were definitely in a state of dissarray by the time I finally got all of the compromised code out of my pages and database.  I’m going to speak at a bit of a higher level then I usually do, because I am assuming if you are reading this post you have a self hosted blog and know how to upload plugins and files to your blog.  I will do more basic blogging tutorials in posts to come. 

So how can you avoid being hacked, and how can you tell if your blog is currently compromised?  (I will be talking for the most part about self hosted WordPress blogs).  First thing you need to do is download and install the Exploit Scanner plug-in.  I found this plug-in after hours of work, and it helped SO much!  Thank you to the devlopers for such a great tool!  For someone who doesn’t know a ton, the results on this can be a bit scary.  Here are the main things you should be looking for…

If one of the highlighted items are eval(base64_decode() followed by a whole bunch of uppercase letters and numbers then that page is definitely hacked.  I would find someone to help you clean it up though if you aren’t sure what you are doing.  Don’t just go deleting code that you don’t understand.

Another thing that will come up in the scan is administrative users.  Make sure that you or anyone else you’ve authorized to administrate your blog is listed.  If you see anyone else listed, you have been hacked.  Again, don’t try and fix it yourself.  You will need to go into the back end database and delete the rouge user.

Get yourself a Google Webmasters account to make sure the keywords that describe your site actually describe your site.  You can get a free account at http://www.google.com/Webmasters.  The easiest way to verify you own the website is to upload a file with your FTP client. 

Some good rules of thumb to avoid being hacked…

1. Your password should a combination of letters, numbers and special characters.

2. You should have a different password for your wordpress database, your admin account and your ftp password (all three should be different!)

3. Keep wordpress & plugins up to date.  When an update comes out, install it right away to avoid security holes in previous versions.

So stay safe out there, and hopefully your information remains safe!


This post may contain affiliate links, which means I receive compensation if you make a purchase using the links.

Comments

comments

2 Comments

Click here to post a comment