I am probably an innocent abroad, but it never occurred if you ask me that my blogs were worth anyone’s notice to bother hacking them. However, hackers seem to view even the tiniest of blogs and users as fair game.
A couple weeks ago, several of my blogs were hacked so when I use many of them as landing pages for my articles, this was a huge set-back to my marketing with articles career!
Now Repair hacked wordpress website like WordPress, but I have to confess that whenever “they” told me how easy it had been for a beginner to begin with with WordPress, for anyone who is new to “all of this complicated ftp stuff”, it is a very steep learning curve. (I’m glad I persevered.)
However, I was just beginning to feel I’d learned the fundamental principles, and had create about ten blogs with a little income to arrive online, when catastrophe struck and I got several hacked within a single week. Don’t ask how or why it just happened – I’m not even sure if I know myself what went wrong, but one after one I started receiving warning messages from Google, and I realized….
Help – my blog has been hacked
To begin with I was pretty unconcerned because I had, of course, backups of all my blogs. I did so this using a popular plugin, so I imagined it will be relatively easy to revive the damaged sites from the backup.
How completely wrong may i be? I clicked at the “restore blog” help page, and my spirits sank as I browse the instructions. I couldn’t help but feel I’d require a master’s degree in Information Technology it was so perplexing (if you ask me, as a newbie).
I asked on WordPress forums and even though everyone there is very sympathetic, their suggestions were largely beyond me. Several clicks to them could be an hour for me to figure out.
In my own horror that I couldn’t work out how to get over the backups I wondered whatever next. My son, who works inside it but knows nothing about WordPress, suggested that I talk with the three different serves where my blogs were hosted and have if they knew how exactly to re-install my backups and clean up the hacking.
It was here that an interesting disparity came into being. The first company, Hostgator, had me back online again in a few days, all hacks removed, without even resorting to my backups. I don’t know how they achieved it, but top marks in their mind.
Hostica, my second hosting company, were also extremely helpful and patient with my problems and misunderstandings, and re-installed the sites from my blog backups.
Unfortunately, although my content was unharmed I had lost all my blog customizations and plug-in settings – that i gather is something “everyone” knows happens once you restore or move WordPress sites. (Well, everyone but me!) THEREFORE I still had quite a few hours work to accomplish to get back to the pre-hack condition. I suspect I have lost many of the “tweaks” I made without noting them down, because having taken backups I never expected I would lose all my settings.
A third company, which I will not name, has still (a full month later) not managed to recover my site despite having access to (a) a backup from the plugin and (b) files I had ftp-ed onto my very own PC as another method of backup. To place this in context, Hostica had my site content (but not settings) recovered within quarter-hour of me sending them the backup from the plugin.
So after 6 very useless weeks, all but one of my sites are online again, and trying to recover whatever credibility they had with Google and co!
Preventing and Dealing with Hacked WordPress blogs
But what advice can I pass on to fellow newbies out of this disaster?
1) Support from your hosting company is essential. Hostgator and Hostica gave me excellent support and I will continue hosting with them. Company three has been a catastrophe, yet when I check online, other people provide them with good reviews. Draw your personal inferences from that.
2) Ideally your webhost will be making regular backups of one’s site in case you need them to recover a site for you personally. But it’s still smart to have a backup of your own, in case the webhost fails. (Unlikely if you choose a reliable company to begin with.)
3) Other tips to prevent such hacking before it happens, are to change your WordPress admin user from “admin” to something more obscure, use an incredibly complicated password that includes special characters, and change your profile which means that your first name is displayed, not your user name.
4) It is also important to keep all of your plug-ins, plus your version of WordPress up-to-date, and make sure you do not display which version of WordPress you are using.
These along with other tips I learned from the free plug-in WP-Security Admin Tools, which I suggest you implement immediately, as it will highlight security weaknesses it is possible to fix.
Best of all, I came across a tool that lets me have a complete clone of my blog in minutes, and recover everything (content, plug-ins, themes and images), even to a clear domain, such as when relocating my blog to a fresh host.
If I had used this inexpensive program before my sites were hacked, I’d have been able to restore them within minutes from clean, compressed backups, such as for example those I will have on my PC.
In the future, if I were dissatisfied with my webhost, these copies certainly are a breeze to go to a completely new company.
Or should I would like to duplicate a clear customised blog to start out a fresh one with the very same setup, that is also the tool for the job. In fact that is its main purpose – the backup function is advertised as a second function.
Establishing the tool was a piece of cake with Hostgator. Setting it up with Hostica didn’t work first time, but the publishers worked with me to recognize and resolve the difficulties, which were in database settings, so all is well now.
Yet another example of excellent support came from the their staff.
To conclude, my recommendation to any-one, newcomer or experienced user alike, who’s concerned about how to backup and safeguard your WordPress blog is to save yourself hours of grief and heart-ache, by using this tool.