www.PracticeThis.com was recently defaced, hacked, hijacked, poisoned by hackers. Instead of the usual content, the site was showing “Security Z3ro”.
How ironic: in my day job I am a software security [and performance] engineer.
That taught me a lesson that I want to share with you.
Once I realized I had been hacked, these are the steps I followed to get back on track with minimal losses.
Contact Your Hosting Services Provider
I am hosting my blog with www.BlueHost.com. They offer very good technical support – registered account holders like myself can either open Service Tickets (SR) or start an immediate chat with a technical support representative. I decided to fire up a chat client with their rep after observing this image on my home page:
The www.Bluehost.com rep quickly verified my identity and then, at my request, completely disabled access to www.PracticeThis.com. I preferred not to serve my readers at all rather than serve bogus content.
Rollback The Latest Backup
www.Bluehost.com offers a flexible backup system. The most recent backup was from April 12, 2009, so I asked to restore it. That is the reason some comments on the blog are not shown – they were submitted after that date. Dear loyal commenters, sorry for that. I also needed to republish my recent post – What Your Kid Knows About Creativity – as it was published after the latest backup. Subscribers might have received the content twice. Sorry about that – I did not mean to be that annoying.
Re-Configure Security Settings
Following the advice from the technical support at Bluehost.com, I changed my passwords. I also changed the moderation policy. In the “Comment Moderation” section I changed it to “Hold a comment in the queue if it contains 1 or more links” (the default setting was 2). This configuration can be found in the Settings->Discussion section of WordPress administration. I have my take on how my site was exploited, which is way beyond the theme of this blog. Ping me via the contact form if you are interested in hearing the details.
Share Your Security Practices