Blogging troubles and security.

[AngryPI]

Just a blanket warning/reminder to everyone with their own sites, blogs and the like.

My blog was brute-force hacked and then coded to redirect to further infectious sites. A headache, to say the least, considering the small, personal aspect of the site. I wonder why I was targeted; was it something I interacted with elsewhere or was it just a giant net that caught my domain in its grasp. Either way, it doesn't matter, I shut it down for maintenance but my hosting company took it further, by completely disconnecting it from Wordpress. I have made back-ups--not as often as I would like, and I am making attempts to clear out the nefarious lines of code.

So here is my friendly warning to all: back-up often--I would say every two posts, scan often, have a security system in place if your host doesn't include it in their plan--making sure that you have a log-in attempt limit, and never underestimate how low, criminals will go to get what they want.

 

[Barbara]

Sorry to hear about your woes, but thank you for sharing this.

 

[Paul Whybrow]

Wordpress have a problem with their blogs being hacked and disappearing, as I mentioned in the thread Wordpress Shenanigans in the Back Room. I'm returning to self-publishing, so will be resurrecting my blog—backing it up, as you sensibly suggest.

 

[Amber]

Wordpress have a problem with their blogs being hacked and disappearing, as I mentioned in the thread Wordpress Shenanigans in the Back Room. I'm returning to self-publishing, so will be resurrecting my blog—backing it up, as you sensibly suggest.

If you’re using Wordpress for free and using free webspace then what happens when you use it isn’t under your control. But you’ve also been given no reason to believe it’s under your control. Nor have you given Wordpress any reason for them to give you more control.

If you’re paying for webspace and not paying an administrator designer then it’s your job to educate yourself and take care of your space. Most hosts don’t provide a great deal of support. So, unless you’re paying a premium, odds are it’s your responsibility. Expecting a web host to make sure all of your files have the correct permissions, making sure no one can browse to your directories, and making sure your (FREE) wordpress theme doesn’t make your site vulnerable is equivalent to renting a house or an apartment and wondering why your landlord doesn’t put out your garbage, lock our door, or do your dishes.

If you get something for free (WORDPRESS THEME) and something else for free (WEBSPACE) and another thing for free (A URL) .... Well... in the words of someone I never tire of quoting:

There Ain’t No Such Thing As a Free Lunch

....and it’s wholly inappropriate to point the finger at Wordpress for taking advantage when you offered yourself up for such activity.

 

[Amber]

Just a blanket warning/reminder to everyone with their own sites, blogs and the like.

My blog was brute-force hacked and then coded to redirect to further infectious sites. A headache, to say the least, considering the small, personal aspect of the site. I wonder why I was targeted; was it something I interacted with elsewhere or was it just a giant net that caught my domain in its grasp. Either way, it doesn't matter, I shut it down for maintenance but my hosting company took it further, by completely disconnecting it from Wordpress. I have made back-ups--not as often as I would like, and I am making attempts to clear out the nefarious lines of code.

So here is my friendly warning to all: back-up often--I would say every two posts, scan often, have a security system in place if your host doesn't include it in their plan--making sure that you have a log-in attempt limit, and never underestimate how low, criminals will go to get what they want.

Sorry about what happened Angry Pi. Good luck with resolving the issues. It’s probably difficult to find the reason for what happened but keep in mind it only takes a short line of script to tell a browser to redirect to another page.

 

[Katie-Ellen]

I have a blog on Wordpress but I pay. Not the highest, but I'd used it for free for a long while and didn't want readers bludgeoned with ads, plus, I have a website but a blog is more agile, and serves as a website and it seemed fair dos.
So far.

 

[Sea-shore]

Just a blanket warning/reminder to everyone with their own sites, blogs and the like.

My blog was brute-force hacked and then coded to redirect to further infectious sites. A headache, to say the least, considering the small, personal aspect of the site. I wonder why I was targeted; was it something I interacted with elsewhere or was it just a giant net that caught my domain in its grasp. Either way, it doesn't matter, I shut it down for maintenance but my hosting company took it further, by completely disconnecting it from Wordpress. I have made back-ups--not as often as I would like, and I am making attempts to clear out the nefarious lines of code.

So here is my friendly warning to all: back-up often--I would say every two posts, scan often, have a security system in place if your host doesn't include it in their plan--making sure that you have a log-in attempt limit, and never underestimate how low, criminals will go to get what they want.

Sorry to hear this happened to you! Goodness, what a headache. Hope it's sorted out now and thanks for the warning not to take things for granted.

 

[NickP]

Blimey, I've got one of those. Hang on.

A Monster In The Mirror

Last entry back in June 2013!

 

[Michiel Kroon]

Thanks for sharing.. I'll keep changing those passwords

 

[AngryPI]

Thanks for sharing.. I'll keep changing those passwords

If you can, put a limit to how many password attempts can be made before a block and an email is sent out.