Blog Hackers are Everywhere!
Yesterday while I casually checked one of my blogs I found that it wasn’t loading any more and the home page of the blog was loading plain white page. I immediately got to my workstation and checked tried load the page and it was the same white page. Initially I suspected to be some htaccess error not allowing the page to load. As anyone else would do, even I tried to login to the admin panel and it was showing a password mismatch and not allowing me to login.
I realized my blog was hacked: I ascertained that the blog was hacked when the lost password recovery was not working at all. Further I logged into the hosting Cpanel and reset the WordPress admin password using an SQL query and was able to login to the admin dashboard. The first step to tackle this hack situation was to identify which all files were modified by the hacker. Checking the time-stamps on the FTP file system, I saw that only the .htaccess and index.php files were altered by the hacker. Hence I made sure to replace these modified files to get the blog back and up.
What are the immediate disaster recover steps used:
- Admin password reset
- Restoration of the modified files
- Reset the recovery email ID and change the admin user name
- Audit the blog for any further issues.
Now that I have fixed the situation and got the blog back working, we should understand the importance of blog security and vitality of maintaining regular backups. The content on the blog is our intellectual property from our months or years of hardworking, treat it with enough seriousness. Further I checked the server audit logs, IP’s and reported all the information to the cyber criminal actives cell through the web host. The interesting part is that I even got the hacker’s home address using the recovery email that is linked to his Facebook account (another advantage of social networks and information sources).
I have take few counter measures to avoid this from happening again. Let me share these proactive steps so that even you can protect your blogs.
- Firstly Make sure you have the right File and Folder Permissions
- Install WordPress Defender to Scan and Alert you on security incident
- Install WordPress Login Lockout Plugin
- Install IP Based Admin Login authentication plugin
About Joshu Thomas
Founder of OrangeCopper Webmaster Networks, also writes for the latest Launch of 2011 -HippieMonk Tech & LifeStyle Blog! All the content is optimized by Market Samurai
More Awesome Content You will Love!
- How to reset the WordPress Password through an SQL Query
- How to make your blog Hacker Proof
- How to improve wordpress blog security
- Security and Performance Alerts for your Blog
- How to enable Content Locking on your Blog
- Gmail’s new security initiative
- What is WP MU and Buddypress , How is it different form WordPress
- WordPress admin login – blank white screen
- Recommended File and Folder Permissions
- When a Plugin Screws up your Blog!
[...] thought I had "cracked" it, but no. Once again hacked. See this. The latest security steps outlined [...]
Kan identificeres immaterielle heraf Virksomheder vil du gerne omkring youinformation kan du Vis i din egen forts?tte. nike free run dame
Ville du indhente en slags ekspansion om rapporter? Er en aftage al spinner som f?lge af ens egen fagligt stof tidslinje? Har du virkelig pind p? plads evigt at hj?lpe praksis? Pr?cist hvordan pr?cist dig interagere?
We are a group of volunteers and starting a
new scheme in our community. Your website offered us with valuable information to work on.
You have done a formidable job and our entire community will be grateful to you.
Erma@list free properties recently posted..list free properties
Wonderful article! This is the kind of information that should be shared
around the web. Shame on Google for no longer positioning this submit higher!
Come on over and discuss with my website . Thank you =)
are binary options profitable recently posted..are binary options profitable