Our WordPress Blogs Were Hacked!!

Over the past few days, some of you may have seen a pop-up from Google notifying you that we may be distributing malware!

Well….As it turns out a hacker got access to our web host. They gained access to all the core files that run this web page as well as our other blog http://fruitfulista.lifetransplanet.com. They were able to insert some kind of redirect that only happened occasionally on certain pages.

Google “crawls” webpages nearly every day for content and in turn this is how they feed their search engine. In addition to scanning for web content, if their Googlebots happen to come across a page that redirects them, they flag your site as having malware. This is bad for a few reasons.

Google, for the most part, controls the internet. If you get on their blacklist for any reason, traffic will simply stop flowing to your site. This is what happened to us. Some browsers like Chrome or Firefox will display a warning based upon this blag flagging by Google:


DANGER!

This was the first time I had this happen to our websites. So it was again, time to learn about it and figure out how to fix it. In some ways I enjoy a good challenge, it seems to be what my brain was tailored for. I checked our webhost and since there were multiple sites that had been hacked I figured it had to be compromised. I updated all the passwords on wordpress as well as on the host. I then moved all the sites from the host back to the Linux box in the basement that I used to host from.

Google’s webmaster page allows you to have them recheck your site for the malware once you’ve done something to try and correct it. So after I moved everything off the host I had it re scanned. Well….Still infected!

At this point the next step was to replace all the core word press files. It’s unlikely that the content was hacked (pictures, music, etc) but was just the core PHP files that run WordPress. So I downloaded a fresh version of WordPress, then copied in all of our content and re uploaded the package. Google re scanned and, it came back clean!! So we are safe to browse again and actually I am not sure if we ever weren’t safe. I never did find the code that was compromised, but rather took a shotgun approach and just replaced it all with new. 

If you’ve noticed that our style looks a bit different, that’s why.  I still have to go thru and add some stuff back in.  Or we may use this as an opportunity to redesign our site.  We’ll see.

What do you think of this post?
  • WOW (0)
  • Awesome (0)
  • Interesting (0)
  • Useful (0)
  • Bummer (0)
  • Whoa (0)

8 thoughts on “Our WordPress Blogs Were Hacked!!

  1. Wil

    It is at an alarming rate that Google is compiling personal data, and controlling the web. Thank you for NOT using Google Blog software! Just recently, Blogs on Google are requiring a Gmail address, password, gender identification, and a signed “Terms of Agreement” before a reader can view a Google based Blog. As we know Google tracks the readers clicks, time spent on the site, where the reader goes before/after reading the Blog. This tracking info is recorded to later be sold for marketing/advertising. I wish people would consider how they would feel if a stranger (Google) followed them to the library, looked over their shoulder as they read through books/magazines, etc and recorded every move, because that is what is going on now.

    I wonder if Google will be aggressive to non-google based blogs? we’ll see.

    Reply
  2. Britton

    Google has a lot of info and so does Facebook. It seems strange that we hand over our personal data so easily. Although I must admit that when I signed up for Facebook I didn’t really think about that aspect..lol.

    I too wonder if Google is biased in regards to non-google based blogs. We’ve had a hard time getting our page rank up even though we have been at this for a few years and have some interesting content.

    It’s all a learning curve and it changes so quickly. I am pretty glad I got this ‘malware’ thing resolved though 🙂

    Reply
  3. Ira

    I would suggest that you sign up for an account with theshosting.com. They provide free malware removal services on anybody hosted on there servers. My site was hacked at blue host and they were able to transfer it from blue host and also remove the malware injection for free!

    They were even able to tell me exactly where the hack originated from as well. They said it came from an outdated timthumb.php file which they were able to update for me.

    They also did a scan of my account and told me all the security vulnerabilities of my account.

    I honestly suggest switching over to them if your website is hacked. They can transfer and remove the hack from your site. Best of all they do this for free.

    Reply
  4. Britton

    Thanks for the suggestion Ira. I’ve cleaned up the site and will look into another hosting provider. Problem is I am just too cheap to want to pay for hosting!

    Reply
  5. Daniel

    If I may suggest using startpage.com for online searches. It protects your online privacy and tracking info unlike google and other search engines.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *