I checked my email yesterday to see a notice from my host about how one of my websites, Lyrical Musings, was acting as a phishing scam. It seems that someone gained access, changed a bit of code in my main theme and uploaded a couple dozen directories to use my website as part of their phishing activities. I hadn’t noticed, because I don’t often update it. In fact, WordPress came out with a pretty recent security update, and I was on the ball with my other three websites that use it, but totally forgot to update my writing blog.
Someone must have fallen for the phishing scam and then reported it to the actual website, who then took the time to contact my host and me. My host immediately shut down the website, and I went to work, because I was at the computer right when I received the email. Although they didn’t touch my WordPress database, they’d uploaded a bunch of files, so I logged into FTP to delete those. I then manually updated WordPress and reinstated the website, so that I could update any plug-ins, all of which were up to date.
I was receiving an odd error, so I ran through all my WordPress files that I hadn’t updated to see if there was any inappropriate code, and I found a single line in the beginning of the index for my main theme. I deleted it, and everything is safe now. In the grand scheme of things, I’ve only personally been “hacked” once in over ten years, so I’m doing okay. The hack was also pretty weak. They accessed no passwords, and didn’t lock me out. I didn’t need to do a complete rollback, although I could have.
There were a few lessons to be learned anyway:
- Just because you don’t frequently update a website doesn’t mean it’s less of a target. In fact, that may very well be the reason it is a target.
- This is why it’s so important to update all your scripts.
- Scripts as popular as WordPress take security seriously, but can only do so much if you don’t update your stuff.
- You may not necessarily notice that you’ve been hacked. It could take several weeks, if you don’t frequently check the website.
- Every single anti-virus company has a tool to check websites for compromises (although efficacy varies).
Have you ever been hacked?
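As an added example (not part of the original post), here is one way to spot the two changes described above, a line added to a theme file and directories that were uploaded, by comparing the live site's files against a known-good copy. It assumes you keep such a clean copy (a fresh WordPress download plus your own theme); the theme name, file names and sample contents are constructed placeholders.

```python
import hashlib
import tempfile
from pathlib import Path


def manifest(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}


def ancestors(rel):
    """Parent directories of a relative path, top-most first."""
    parts = rel.split("/")[:-1]
    return ["/".join(parts[:i + 1]) for i in range(len(parts))]


def compare(clean_root, live_root):
    """Return (new_dirs, new_files, changed) for the live tree against the clean copy."""
    clean, live = manifest(clean_root), manifest(live_root)
    clean_dirs = {d for rel in clean for d in ancestors(rel)}
    new_dirs, new_files = set(), []
    for rel in sorted(live.keys() - clean.keys()):
        unknown = [d for d in ancestors(rel) if d not in clean_dirs]
        if unknown:
            new_dirs.add(unknown[0])  # report the top-most unfamiliar directory once
        else:
            new_files.append(rel)
    changed = sorted(rel for rel in clean.keys() & live.keys() if clean[rel] != live[rel])
    return sorted(new_dirs), new_files, changed


def demo():
    """Constructed sample trees: a clean copy and a tampered live copy."""
    theme = "wp-content/themes/mytheme/index.php"  # hypothetical theme name
    with tempfile.TemporaryDirectory() as tmp:
        def write(rel, text):
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(text)
        for side in ("clean", "live"):
            write(f"{side}/index.php", "<?php // front controller\n")
            write(f"{side}/{theme}", "<?php get_header();\n")
        # Tampering modelled on the post: one line prepended, one directory uploaded.
        write(f"live/{theme}", "<?php /* placeholder for injected line */ ?>\n<?php get_header();\n")
        write("live/unknown-upload/index.html", "placeholder page\n")
        write("live/wp-content/themes/mytheme/extra.php", "<?php // placeholder\n")
        return compare(Path(tmp, "clean"), Path(tmp, "live"))


if __name__ == "__main__":
    print(demo())
```

Run on a schedule against a downloaded copy of the site, a check like this surfaces changes on a website you rarely visit; files that legitimately differ (uploads, cache, `wp-config.php`) will show up too and need to be reviewed or excluded.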