Hacked

Yesterday morning I discovered that my website, this website, got hacked. The first thing I noticed was that email from my account at this url wasn’t coming in. Then there was the very long spammish-looking email it turns out wasn’t spam after all. Somewhere within all the gibberish was the address of my hosting service and a message saying my account has been suspended. 

So when I called up my site, all I got was a screen just like the one shown above. When I tried to login to WordPress admin, same thing. And with cPanel, same thing. Bad stuff. I was able to start an online conversation with technical support at my hosting service. My account was suspended because it’s against their terms of service for me to host pornography on my website. 

But I didn’t. Honest.

My account would be unsuspended on condition that I remove the offending material within 24 hours and that I promise never to do it again. And I was warned of their three-strikes policy. What a relief I get two more chances before my account is permanently suspended.

Once my account was again active I was able to see what got them so upset. I don’t know how this stuff works, but an HTML file got inserted into my root directory. Pornography all right, no doubt about it. After deleting the file I spent the better part of yesterday and much of today backing up my site files and database, upgrading WordPress, scanning for viruses and malware, changing passwords and permissions, backing up again (and again), researching and installing security plugins, and other stuff like that.

This is no fun. And it’s not the way I need to be spending my time, but I need to spend it that way like it or not.

3 thoughts on “Hacked”

  1. Sabio, when I first got started with WordPress, I liked the idea of having my own site with complete control over it—despite the learning curve and ongoing maintenance. I’m kind of stubborn that way. I’m not so sure I’d do the same thing now, though. This is the first time I’ve been hacked. It could have been for lack of diligence and the periods of neglect I subject myself (that is, my site) to. Or, just as likely, it was a result of changing service providers to cut costs. Anyway, you’re right when you say it’s easier to let WordPress.com handle the security details.

  2. Wow, what a hassle.
    I have thought about moving my blog on to own host, but stories like the hassles you have gone through make me feel good about letting WordPress do all the work.

Comments are closed.