That comic up there has been the story of my life for the past two days. I'd just posted up about this massive Iraqi fish and was hoping you all would read it...when my blog blew up into smithereens. The poor fish died a second lonely death in the midst of unnoticed post oblivion.
The gist: another site was pushing out malware through this blog, Google blacklisted the page, and if you tried visiting the site, you'd have seen this awful hazardous sign that makes it seem like the End of the World is snarling back at your from your computer monitor:
Just as I'd almost considered throwing in the towel and changing my life to iliveinasaucepan.com, Sheban and Chirag swooped in to my rescue and restored my site with their magic IT skills...and a boatload of sheer common sense that, in my moment of cruel cyber crisis, seemed to have fled from me like I were the plague.
We were the perfect team - The Terrific Techie Trio.
Actually, the two of them were Terrific. I was Traumatized. And totally unhelpful. I'm never going to mock the damsel-in-distress in one of those cliched dramas again. I felt her pain.
Anyhoo, every time life shoves a battering ram up your nose, you learn a couple of lessons. I'm sure there are more "Lessons Learnt" and "How Not to Get Hacked" preachers out there than the number of doughnuts I've consumed in a lifetime. But here's my version. All of it is common sense, but if I don't publicly declare them, I feel like I'll forget what I need to do if the hacker hyenas hound me again.
1. There are no coincidences in technology. Famous last words by Sheban, who was working with me on my site for something totally unrelated, and saw a security screen flare up on my computer. I assumed it was a one-off and poo-poo'd it off. But Sheban was suspicious, and left me with those ominous words that I should frame somewhere. Or make the tag line of my site so that I never forget them.
2. Make sure all your computers have anti-virus. DUH. But seriously, any computer that you're using to work on your site, which doesn't have anti-virus software, becomes the breeding ground for hackers. Microsoft Security Essentials is what Sheban got to me install on all my computers. That doesn't keep all hackers away...my site still got malware didn't it?...but it's a solid preventative measure in most cases, and it does flag any threats upfront. And when it does, back to point #1, ACT on it.
3. Sign up for Google Webmaster Tools. Do this NOW, don't wait to be hacked. If your site has malware or whatever other cyber creepy crawlies there are out there, having an account here is key because they can give you much needed information on what the issue is, which piece of malicious code may be mucking up your site, etc. If you wait to sign up until after your site goes down, it will take hours before Google can collect information on the issue for you. And time is KEY when your site is down.
Most importantly, this is the panel through which you can request a review of your site after you've managed to clean up the hacked mess. And if the review comes clean, then your site will no longer be blacklisted by Google and that dreaded red endoftheworld page goes away. Woo-hoo.
4. I could write an entire article now about how to not screw around with Wordpress and hosting security. And even that wouldn't be comprehensive enough. But some of the key things I learned:
- Don't install a ton of plugins you don't need (obvious? yeah. I felt like a blithering buffoon when Chirag and Sheban pointed to my 31 plugins, most of which were unused, and one of which may have well been the entry points for the malware.)
- If you do have plugins, make sure you update them when new versions are released. I've ignored the updates in the past << BAD.
- That said, if there were two plugins I should have had, it would have been the Sucuri Scanner and WP Malwatch. I'm not going to get into why they're awesome, check out their specs and it should be fairly evident why you need them if you're a Wordpress user.
- If you use FTP, make sure you use SFTP or SSH because they encrypt your passwords. This is what I learned from my hosting service: Discontinue use of regular FTP if you use it -- it sends passwords over the internet in plaintext. Ick.
- Make sure all your passwords are impossible to crack, and that you change them regularly. I can bet that I'm going to forget this piece of advice months down the line, but...YOU should do it.
5. REGULARLY BACK UP YOUR SITE. There are ton of ways to do this - ask your host to do it for you (if you're self-hosted), use SFTP, export your wordpress content (go to Tools > Export)...I'm sure there are a ton of ways. Figure out what's the best for your site and DO IT.
These next few points are for what happens if...God Forbid...your site gets hacked.
6. When your site has been infected or hacked, Google will most likely catch the issue and blacklist your site. Yes, it's as bad as it sounds, they will blacklist it and shove the red endoftheworld page on your site. Google Chrome, Mozilla, Safari....will all block you from entering the site, Internet Explorer may be the only one that would let you enter. And if it does, you better pray that your anti-virus software kicks in for the crap that's going to go down. BUT, the one ray of hope on that blasted red page is the link to Google's Safe Browsing Diagnostic Page. Clicking that link at least gives you more information on what Google has detected. The page may just provide the tiniest sliver of information, nothing close to what you need to solve the problem, but it's a start. And when the world is ending, you damn well need a start.
7. Contact your host immediately (if you are self-hosted) and get them to diagnose the issue. In my case, this step wasn't very helpful because their response time was slower than I'd have liked, but still, it doesn't hurt and they may find something you haven't already.
8. If you're a Wordpress user who's hosting your site on Dreamhost, look at this Bible of What to Do When Hacked. It's written for the techie bimbo in you. This is another helpful pages: FAQ My site was hacked.
9. Try to stay calm, and get some sleep. I could barely follow this piece of advice, but it's true - every time I got jittery or tried to glare at something through droopy eyes, I messed it up and made things worse. Hint: if you have water trickling down your cheek and you're starting to mumble words in a language you don't know, then GO TO SLEEP. And deal with the issue when you're human again.
9. Wear latex gloves when you're dealing with the issue. Else you will have nails that have been hacked to bleeding bits by the end of the nerve-racking ordeal. If only you knew how much it hurts to type this post out.
10. The most important point - have awesome friends who can work with you on the issue. 2 brilliant brains + 1 traumatized brain is WAY better than 1 traumatized brain alone. I hate asking for help, really I do. But I did ask for it this time, and Sheban and Chirag bailed me out. Thank you guys.
Mushy group hug with background awwwws. Dude high-fives in silence.
This of course is by no means a comprehensive list (aka if you follow all these steps and your site still goes down, don't blame me.) I'm sure there are a ton of other things that I'll remember in retrospect, and I'll add it to the list when I do. If you think I've missed something super critical that must be shared with the world of hacked cyber victims, do leave a comment so we can learn from each other and be one big happy family against those wretched hackers.