Blog Hackers are Everywhere!
Yesterday, while I casually checked one of my blogs, I found that it wasn’t loading any more and the home page of the blog was loading a plain white page. I immediately got to my workstation and tried to load the page, and it was the same white page. Initially I suspected it to be some .htaccess error not allowing the page to load. As anyone else would do, I tried to log in to the admin panel, and it was showing a password mismatch and not allowing me to log in.
I realized my blog was hacked: I ascertained that the blog was hacked when the lost password recovery was not working at all. Further, I logged into the hosting cPanel and reset the WordPress admin password using an SQL query and was able to log in to the admin dashboard. The first step to tackle this hack situation was to identify which files were modified by the hacker. Checking the time-stamps on the FTP file system, I saw that only the .htaccess and index.php files were altered by the hacker. Hence I made sure to replace these modified files to get the blog back up.
The immediate disaster recovery steps used:
- Admin password reset
- Restoration of the modified files
- Reset the recovery email ID and change the admin user name
- Audit the blog for any further issues.
Now that I have fixed the situation and got the blog back working, we should understand the importance of blog security and how vital it is to maintain regular backups. The content on the blog is our intellectual property from our months or years of hard work; treat it with enough seriousness. Further, I checked the server audit logs and IPs and reported all the information to the cyber criminal activities cell through the web host. The interesting part is that I even got the hacker’s home address using the recovery email that is linked to his Facebook account (another advantage of social networks and information sources).
I have taken a few countermeasures to avoid this from happening again. Let me share these proactive steps so that you too can protect your blogs.
- First, make sure you have the right file and folder permissions
- Install WordPress Defender to scan and alert you on security incidents
- Install WordPress Login Lockout Plugin
- Install an IP-based admin login authentication plugin
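
The timestamp check and the file and folder permission check described above can be scripted. This is an added example, not code from the original post; the function names and the sample tree are constructed here, and the target of 755 for directories and 644 for files is an assumption based on the common WordPress convention.

```bash
#!/bin/sh
# Added example: audit a WordPress document root for recent changes and
# loose permissions. Assumed target: directories 755, files 644, so nothing
# should be writable by group or others.

# Files changed within the last N days (default 2): the timestamp check.
recently_modified() {
    find "$1" -type f -mtime "-${2:-2}" -print | LC_ALL=C sort
}

# Files and directories that group or others can write to.
loose_permissions() {
    find "$1" \( -type f -o -type d \) \( -perm -020 -o -perm -002 \) -print |
        LC_ALL=C sort
}

# Constructed sample tree: two freshly written files, two old ones,
# one world-writable file and one world-writable directory.
make_sample_tree() {
    sample_root=$(mktemp -d) || return 1
    mkdir -p "$sample_root/wp-content/uploads"
    for f in index.php wp-config.php wp-login.php; do
        printf '<?php // constructed sample\n' > "$sample_root/$f"
        chmod 644 "$sample_root/$f"
    done
    printf '# constructed sample\n' > "$sample_root/.htaccess"
    chmod 755 "$sample_root" "$sample_root/wp-content"
    chmod 666 "$sample_root/.htaccess"            # too loose
    chmod 777 "$sample_root/wp-content/uploads"   # too loose
    # Backdate the files that were not touched.
    touch -t 202001010000 "$sample_root/wp-config.php" "$sample_root/wp-login.php"
    printf '%s\n' "$sample_root"
}

# Demo on the constructed tree; pass a real document root to audit a site.
demo_root=$(make_sample_tree)
echo "Modified in the last 2 days:"
recently_modified "$demo_root" 2
echo "Writable by group or others:"
loose_permissions "$demo_root"
rm -rf "$demo_root"
```

Anything the first function lists that you did not change yourself should be compared against a clean backup or a fresh WordPress download before it is restored.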