I am sorry for any kind of inconvenience you might have faced in past 3 days. My blog got hacked on 27th feb and I was not able to do any updates on my blog. Now everything is alright and you can feel free to browse through my blog.
Today I have very shocking story to share with you all. It was 27th Feb 2011 and time was 11:04 AM. I entered my blog’s URL in my browser’s address bar and when I pressed the enter key, I was amazed to see strange message instead of my blogs homepage. I tried to open the blog in different browsers but they all were displaying the same message. The message was something like this “You have been migrated to stronger Java framework. Click run to install Java framework.”
Firstly I thought HostGator is doing some kind of upgradation to its servers but when I used my FTP the earth moved under my feet as all the data was deleted from my account. Someone hacked my blog π
Then I immediately used live chat support of HostGator and they confirmed me that my blog got hacked. I asked them to recover my blog immediately but they assigned me a ticket and asked me to be patient untill I receive the email from Security administrators. I waited for 11.30 hrs to receive the first reply from a security admin and I got one more shocking news from him. This was the reply of security admin:
Unfortunately, our backups have already run today, and they over-wrote the backups we had for your account. I’m afraid that you will have to upload the content from your backups. I’m sorry, but we just don’t have any backups of your account at this time.
Now I was wondering how would I recover my uploads as I had only database backup with me. The security admins removed all the malware from my server at around 1.30 AM and asked me to do a fresh installation of WordPress. After successful installation of WordPress, I restored my database backup and fortunately I also got the uploads till 2009.
At this moment I have restored all my posts and comments and uploads till 2009. I have lost the uploads for entire 2010 year. Now I have to upload images for all the posts for 2010 manually. It is really a hectic task which can take 7-10 days.
Why my blog got hacked ?
I’m still not able to find out why my blog got hacked. My hosting provider told me that someone managed to guess my password and got access into my account.
I again feel sorry for the inconvenience caused. I’ll start updating my blog as usual once I recover the loss caused by the hack.
If you are a security person, please share your tips to secure a WordPress blog so that my readers can benefit from it. I’ll also be sharing some security tips in the future.
I felt bad after knowing all this and you know that! Just change your database table names, test some scripts before you use them! Also use strong passwords! Tough time of 7-10 days! Hope you finish it off soon π
Regards…
hay its also happend with me after utdate to wp 3.1.. I think there are some security hole in wp 3.1..
I donβt think that is because of WordPress 3.1, but because of some other reasons like improper permission settings, passwords, etc. Try to use strong passwords (at least 10 -15 character) and change it periodically.
Hey Simrandeep,
I am very much sad & shocked after hearing this story from you, I am feeling very bad on your part that you were not able to recover the uploads of 2010, But I believe in one thing, If one door get closed, Than multiple doors get opened, Take Care bro π All the Best for future π
My account was already hacked last week but i restored from my backup ….everything is fine …..so do backup everyday ! π
my blog too got hacked but thanks to my hosting provider they restore my backups.
Its great that your blog got restored π
Which hosting you are using ?
i am using Hostbig. they have best service and helped me lot in designing my blog. Also, thev provide best security.
This is really a bad news not only for you even for all bloggers. But thank to God at last, you came back.
Good come back anyway. Keep going. π
that is tragic man . soon after i heard your story i backed up my blogs … let us know what happened in your blog ..
thanks
Oh So Sad Simran, Keep you security tight now, Use 3 to 4 password for randomly changed and also use Strong password with adding numeric and symbols in your password.
Same thing happened to my Blog Also so i know what you have gone through..!!!
anyways welcome back..!!! π
Yeah, its horrible news. Better we can take back up on daily basis, so only we will get benefit from that.
Very sorry to hear this, Simrandeep. There are too many people other there with too much time on their hands. But at least this will be a good wakeup call for you to backup your data regularly. I wish you all the best going forward.
Michael
that’s really horrible.. it’s good you are back.. this must be a lesson for us to get concentrate on our security… and always have a backup on other server.
i will be writing a guest post soon , hope the 404 errors are fixed soon , and not punished by google
Oh, that’s bad. But glad that everything is back and running fine again! It’s important to always keep backups of your website’s data and files… just in case.
Hi Simrandeep, It can be really devastating if your blog gets hacked. I own a few sites, but thank God this has not happened to me. I am going to learn from your experience and ensure that there’s always sufficient back up, at least once per month. Good lack with the work you need to do this week and thank you for sharing your experience.
Oh, its very hard news from the trick daddy hacked on here. And, these type of news will be helpful for all the blogger to avoid hacked and so on.
I am shocked to know that your blog got hacked. I am not a security person, but I’ll tell you something. Your blog most probably got hacked by somebody you are acquainted with. May be somebody from your own class or batch.
How? Experience!
Sad stuff but on that same day my two blogs were hacked taken down and set up to redirected all my wordpress files were deleted including my customized Thesis theme and also a few others i know well this should only make us stronger
I was with HostGator and my account got hacked this month too, same history as you, when I asked HG tech staff to restore my backups it was too late, I had some backups myself but not everything, I am very upset over the whole affair, I lost 2 full websites with no possibility of recovery and managed to recover the other 2 sites.
I finally decided to moved to another host, I am not happy how HG handled the whole affair, not about the backups but on how tech staff was unable to tell me how it was done and they did not seem to have interest at all about it. Had it not been for this I would still be with them, my new host keeps backups for a month which is much longer than HG.
@Butanol
Sad to hear that your blogs too got hacked. Your case is almost similar to me. Good new for me was that my database was not deleted so I was able to restore atleast my posts. But I lost the data for my 3 blogs.
Don’t you have your database backup with you? You should now install WP DB WordPress plugin which automatically take scheduled backup of your WordPress database.
Here some tips.
Regularly change your password. Use long (strong) password with combination character, symbol, and numeric. You can use a password-organizer software like KeePass to create and save your strong password.
That’s what I did, and my blog never got hacked (until now).
Nice to meet you Simran
I am getting afraid by this even you got hacked?? I cant believe this. Hackers are increasing day by day even azblogtips got hacked before some days
feel very sad to know about this news, i want to get HostGator service, but now i am affraid to do this. anyways, what you all think about siteground.com . is it good or not?
This wht worst can happen with a webmaster π i feel sorry for your lost, from now on never forget to take regular backups of your blog’s.
Well, as being on the internet, one has to know deep inside your mind that this can and probably will happen to a webmaster. It’s a hassle for us as I have had my blog hacked as well some time ago. I just had to bite the bullet and carry on
oh man, its scary… i think we should use more and more security plugins….
Hacking of WordPress Blogs is Common these Days because of its Poor Security.