News:

Forum may be experiencing issues.

Main Menu

My pedal blog got hacked :-(

Started by mjg, March 11, 2018, 08:59:28 AM

Previous topic - Next topic

mjg

I sat down tonight to write up a few build reports, and found that my pedal blog had been hacked. 

It's some stupid javascript that has replaced all of the WordPress default javascript with nasties, and it's also gone through all of the other Wordpress sites that I have on the same domain and infected them too. 

So.  No build reports tonight.   :'(

I've deleted all my sites so that they can't infect anyone else.  I left the images so hopefully my old build reports still show up with images in their threads. 

I've managed to save the text of all my blog posts, when I'm feeling up to it I'll try create a clean install and import what I can.  Not really feeling motivated to do that right now. 

And I was having such a good weekend - building a new desk for pedal building, and some shelves to house all the pedals. 

Stupid internet.



Rockhorst

Yeah, that's one of the reasons I decided against another WP site. The thing is, sooner or later, they'll get hacked, unless you are on top of the situation the entire time, keeping it up to date etcetera.

287m

hacked or defaced?
in shared hosting? if yes, not 100% your fault. Just shit happen. Some hosting company have bad security.
original or nulled theme? if nulled, purely your fault. Been there. hahaha

Hope you recover. And your blog isn't listed as infected by malware etc

I still use WP for some friend who want blogging. As long as they update and use clean theme, i support. Although i just click and click.  ;D
Some guys here are developer and WP user too. Call Aion, Cody selfestroyer.

mjg

I was pissed off about it for a while, and upset that I will have to redo a bunch of posts.  But I can put it in perspective now - it's only a friggin website anyway, and it's not like I've lost the actual pedals themselves. 

My day job is a software developer, so I should be all over it.  But I use Wordpress for a few personal things as the last thing I want to do when I get home from work is maintain anything complicated. 

It looks like I had some older Wordpress sites on the same domain, and yeah, I'd used some themes and plugins that it looks like aren't being maintained any more, so that might have been the entry point.  And once they got into one of the sites, they managed to overwrite every javascript file on all the other Wordpress sites as they are in a shared folder structure. 

I've blown away all my Wordpress sites, and installed a new clean one, with default Wordpress theme and no plugins.  I'll see how that goes. 

I read just this week that Wordpress is something like 30% of the web now.  Which makes it a huge target for hacking naturally. 

Rockhorst

Looks like you have the know-how to remedy the situation. I hope you do :) When it's back up, put a link to your blog in you signature.