I’ll be the first to admit that I’m a WordPress lover. Maybe not as much as this guy and his tattoo but I like WordPress a lot and it has been fun to grow as a blogger along with the program. I’m already beta testing the 3.0 version and like the added features….especially for our school where we run WordPress MU (more on that later).
But a couple weeks ago….April 7th be to exact….U Tech Tips was hacked by someone out there that put a piece a code on the site that redirected the domain of utechtips.com to a side that auto downloaded a piece of malware. Luckily the attack was reported quickly and Google, of all things, kept people from getting to the site (when did Google become a virus scan?).
Of course it had to happen while I was on vacation in Laos for Spring Break not allowing me to actually repair the site until I returned days later. Once returned I first had to find out what the hack was….a Google search and a couple of reads later I realized what had happened.
Next up….how do I fix it? There were a few sites that talked about repairing your WordPress from other hacks but not from this one. The issue was it seemed that the hacker did not put the code in the same place on all websites. So finding the code would have taken forever…..it was easier to reinstall the site.
How do I keep it from happening again? I did a couple more Google searches and more reading and found out that I had the permissions on my wp-config.php file set wrong. So first things first, change the permission to 750 on all my sites (if you know what that means great….if not Google it).
So now time to reinstall my site.
1. Back up your database:
Most web hosting companies keep the database files on a separate server so even though my site files got hacked, my database was safe. Although I wasn’t taking any chances and saw this as a way to just give it a good cleaning anyway.
2. Back up site files
All the uploaded files for your blog posts.
3. Make copies of posts, comments and user database tables separately to reinstall on a new database.
4. Delete all WordPress files, download new clean WordPress install from the site and upload and set up.
5. Import the post, comments and user tables into a the new database making all the content magically appear.
6. Tweek the site.
Of course I tried to trim some corners and kept my theme files and then re-uploaded them. I got the site approved by Google as being malware free. I then made the mistake of putting the old theme back in place and activating it. As soon as I did that malware was found on the site again. So now I knew it was in the theme files somewhere…..so I deleted all those files, found a new theme I liked and customized it for the site…..like it?
So in the end it took me about a week to get the site back….but it cost me only my time. I found
places on the web where others who got hacked were offering up to $100 if you could fix their site for them.
A $100 or some of my own search skills to find the answer myself.
It amazes me how every day there are stories like this of how we’re using Google to find answers to questions we didn’t know where questions just moments ago. I never would have remembered how to do all of this unless I had a reason to do it. I didn’t need to know all the steps, just how to find the information that told me how to do it, follow directions, and make logical conclusions on what should happen based on my actions.
….and yet search skills are not taught in our schools. I use to have tests on if I could find books using the Dewey Decimal system, do we give tests on how well you can search? Should we be?
It just amazes me how easy research is today….where was today’s Internet when I was in school? If only I would have had a trillion web pages at my fingertips I’m sure I could have done better.
This is today’s knowledge, we should spend just a little bit of time in our schools teaching it don’t you think?