First of: Sheban and Chirag: THANK YOU FOR SAVING MY SITE.
That comic up there has been the story of my life for the past two days. I'd just posted up about this massive Iraqi fish and was hoping you all would read it...when my blog blew up into smithereens. The poor fish died a second lonely death in the midst of unnoticed post oblivion.
The gist: another site was pushing out malware through this blog, Google blacklisted the page, and if you tried visiting the site, you'd have seen this awful hazardous sign that makes it seem like the End of the World is snarling back at your from your computer monitor:
Just as I'd almost considered throwing in the towel and changing my life to iliveinasaucepan.com, Sheban and Chirag swooped in to my rescue and restored my site with their magic IT skills...and a boatload of sheer common sense that, in my moment of cruel cyber crisis, seemed to have fled from me like I were the plague.
We were the perfect team - The Terrific Techie Trio.
Actually, the two of them were Terrific. I was Traumatized. And totally unhelpful. I'm never going to mock the damsel-in-distress in one of those cliched dramas again. I felt her pain.
Anyhoo, every time life shoves a battering ram up your nose, you learn a couple of lessons. I'm sure there are more "Lessons Learnt" and "How Not to Get Hacked" preachers out there than the number of doughnuts I've consumed in a lifetime. But here's my version. All of it is common sense, but if I don't publicly declare them, I feel like I'll forget what I need to do if the hacker hyenas hound me again.
1. There are no coincidences in technology. Famous last words by Sheban, who was working with me on my site for something totally unrelated, and saw a security screen flare up on my computer. I assumed it was a one-off and poo-poo'd it off. But Sheban was suspicious, and left me with those ominous words that I should frame somewhere. Or make the tag line of my site so that I never forget them.
2. Make sure all your computers have anti-virus. DUH. But seriously, any computer that you're using to work on your site, which doesn't have anti-virus software, becomes the breeding ground for hackers. Microsoft Security Essentials is what Sheban got to me install on all my computers. That doesn't keep all hackers away...my site still got malware didn't it?...but it's a solid preventative measure in most cases, and it does flag any threats upfront. And when it does, back to point #1, ACT on it.
3. Sign up for Google Webmaster Tools. Do this NOW, don't wait to be hacked. If your site has malware or whatever other cyber creepy crawlies there are out there, having an account here is key because they can give you much needed information on what the issue is, which piece of malicious code may be mucking up your site, etc. If you wait to sign up until after your site goes down, it will take hours before Google can collect information on the issue for you. And time is KEY when your site is down.
Most importantly, this is the panel through which you can request a review of your site after you've managed to clean up the hacked mess. And if the review comes clean, then your site will no longer be blacklisted by Google and that dreaded red endoftheworld page goes away. Woo-hoo.
4. I could write an entire article now about how to not screw around with Wordpress and hosting security. And even that wouldn't be comprehensive enough. But some of the key things I learned:
- Don't install a ton of plugins you don't need (obvious? yeah. I felt like a blithering buffoon when Chirag and Sheban pointed to my 31 plugins, most of which were unused, and one of which may have well been the entry points for the malware.)
- If you do have plugins, make sure you update them when new versions are released. I've ignored the updates in the past << BAD.
- That said, if there were two plugins I should have had, it would have been the Sucuri Scanner and WP Malwatch. I'm not going to get into why they're awesome, check out their specs and it should be fairly evident why you need them if you're a Wordpress user.
- If you use FTP, make sure you use SFTP or SSH because they encrypt your passwords. This is what I learned from my hosting service: Discontinue use of regular FTP if you use it -- it sends passwords over the internet in plaintext. Ick.
- Make sure all your passwords are impossible to crack, and that you change them regularly. I can bet that I'm going to forget this piece of advice months down the line, but...YOU should do it.
5. REGULARLY BACK UP YOUR SITE. There are ton of ways to do this - ask your host to do it for you (if you're self-hosted), use SFTP, export your wordpress content (go to Tools > Export)...I'm sure there are a ton of ways. Figure out what's the best for your site and DO IT.
These next few points are for what happens if...God Forbid...your site gets hacked.
6. When your site has been infected or hacked, Google will most likely catch the issue and blacklist your site. Yes, it's as bad as it sounds, they will blacklist it and shove the red endoftheworld page on your site. Google Chrome, Mozilla, Safari....will all block you from entering the site, Internet Explorer may be the only one that would let you enter. And if it does, you better pray that your anti-virus software kicks in for the crap that's going to go down. BUT, the one ray of hope on that blasted red page is the link to Google's Safe Browsing Diagnostic Page. Clicking that link at least gives you more information on what Google has detected. The page may just provide the tiniest sliver of information, nothing close to what you need to solve the problem, but it's a start. And when the world is ending, you damn well need a start.
7. Contact your host immediately (if you are self-hosted) and get them to diagnose the issue. In my case, this step wasn't very helpful because their response time was slower than I'd have liked, but still, it doesn't hurt and they may find something you haven't already.
8. If you're a Wordpress user who's hosting your site on Dreamhost, look at this Bible of What to Do When Hacked. It's written for the techie bimbo in you. This is another helpful pages: FAQ My site was hacked.
9. Try to stay calm, and get some sleep. I could barely follow this piece of advice, but it's true - every time I got jittery or tried to glare at something through droopy eyes, I messed it up and made things worse. Hint: if you have water trickling down your cheek and you're starting to mumble words in a language you don't know, then GO TO SLEEP. And deal with the issue when you're human again.
9. Wear latex gloves when you're dealing with the issue. Else you will have nails that have been hacked to bleeding bits by the end of the nerve-racking ordeal. If only you knew how much it hurts to type this post out.
10. The most important point - have awesome friends who can work with you on the issue. 2 brilliant brains + 1 traumatized brain is WAY better than 1 traumatized brain alone. I hate asking for help, really I do. But I did ask for it this time, and Sheban and Chirag bailed me out. Thank you guys.
Mushy group hug with background awwwws. Dude high-fives in silence.
This of course is by no means a comprehensive list (aka if you follow all these steps and your site still goes down, don't blame me.) I'm sure there are a ton of other things that I'll remember in retrospect, and I'll add it to the list when I do. If you think I've missed something super critical that must be shared with the world of hacked cyber victims, do leave a comment so we can learn from each other and be one big happy family against those wretched hackers.
Oh my dear Frying Pan. Tears would have been running down my cheeks too and I would most definitely have been mumbling incoherently (more than usual I mean). Well done for turning a catastrophe into a triumph with this excellent post. I wouldn’t have had the will to blog for a month. Bravo the terrific twosome.
Thanks Sally, and aiye aiye, BRAVO for my code crusadors!! There was definitely a meltdown-with-tears moment…though putting it into perspective, I have just got a food blog. Don’t get me wrong, food is all-important to me, but imagine the people who’ve actually got stuff on their site that’s critical to the rest of the world…at least no one fell apart because of this disaster (except myself….or did any of you, my dearest readers, experience the same angst and hopelessness? Tell me you felt my pain.)
(Pretend if you have to.)
Either way, life-critical or not, I was still bawling. And it still hurt to see the site down. Down with the Malware Meanies.
Yay, welcome back!!! I got obsessive with adding plugins at one point, and it was my husband who told me to keep only those that I truly need. I never thought plugins could cause death to your website!
PS: Love the illustration!
@nadia – Smartie pants hubbie. I need to get me one of those ;)
The bottom line: If you’re careless, ANYTHING – and especially the ’anythings’ you least expect, can cause death to your website.
Thank goodness you’re frying again! I recently attended a talk by Scott Kelby who was talking about exactly this. I think I should have joined Blogger. I wander if it’s too late to move house???
@Edwina – Hells yeah, I am a-sizzlin’ now! (actually, I look like I have been run over by a truck. More so than usual.)
I personally think joining Blogger is a terrible idea, we use the platform for our community website (ask MyCustardPie) and it SUCKS. [Sorry blogger people, don’t take this personally, but that platform just makes me want to ram my head against the wall.] Again, I don’t think this was a WP vs blogger vs. whateverotherplatform problem – any site is vulnerable to hackers if you leave the door open. And boy did I leave that door wide open. I actually unhinged the darn thing altogether.
Great words of advice stemming from your hacker experience – glad you got most of your site back and running!
I too was obsessive with plug-ins until a well known one caused bitly to shorten every single blog post I would ever written!
@ginger and scotch – EYAK. That sounds terrible. Will you send me a secret message and tell me what that plugin is so that I never make the mistake of downloading it in my plugin-lovin’ frenzy?
Great post beetle!!! And am so thrilled Chirag, Sheban and you got through this together. Hope you’re getting some well deserved rest now :D
FaridaA – meee too, really thrilled that the site is back and sizzlin! No rest though :( it’s been one long day, since Jan 1st of this year!
I have bookmarked this post. It is so so useful. Thanks for sharing all the information. I am glad that you are back.
Anita – glad you found it helpful…but I do hope you never face this situation, ever! Thanks for the wishes :D
Glad to have you back on your feet dahlink – where would we be without our frying pan? :-)
theregos – awwwwww. what can I say to that. HUG TO THE FABULOUS FRYINGPAN FRIENDS.
Im technologically dyslexic!! I dont have a lot of plug ins, but will definitely back up my blog posts, its soo important!! I cant imagine what you went thru..and Im so glad ur still frying pan and not sauce pan!!! Kudos to the boys! Ur blessed to have awesome friends!
accordingtodina – Amen to backing up your site. And I AM blessed with amazing friends. Nothing against saucepans, but it would have broken my heart to change the blog name…and if not for the boys, saucepan I may well have had to be.
Once a frying pan, always a frying pan. ;)
[Malware meanies, take note of the above.]
Arva you have the ability to fight back and get the best out of the worst. never give up…you always have tomorrow to look forward to – enjoy what you do and rest will follow!
dad, thank you, and thanks for being there as a voice of calm when I was running around like a headless chicken…I know who I get that fighter’s spirit from. :)