Yesterday morning I discovered that my website, this website, got hacked. The first thing I noticed was that email from my account at this url wasn’t coming in. Then there was the very long spammish-looking email it turns out wasn’t spam after all. Somewhere within all the gibberish was the address of my hosting service and a message saying my account has been suspended.
So when I called up my site, all I got was a screen just like the one shown above. When I tried to login to WordPress admin, same thing. And with cPanel, same thing. Bad stuff. I was able to start an online conversation with technical support at my hosting service. My account was suspended because it’s against their terms of service for me to host pornography on my website.
But I didn’t. Honest.
My account would be unsuspended on condition that I remove the offending material within 24 hours and that I promise never to do it again. And I was warned of their three-strikes policy. What a relief I get two more chances before my account is permanently suspended.
Once my account was again active I was able to see what got them so upset. I don’t know how this stuff works, but an HTML file got inserted into my root directory. Pornography all right, no doubt about it. After deleting the file I spent the better part of yesterday and much of today backing up my site files and database, upgrading WordPress, scanning for viruses and malware, changing passwords and permissions, backing up again (and again), researching and installing security plugins, and other stuff like that.
This is no fun. And it’s not the way I need to be spending my time, but I need to spend it that way like it or not.