Hacked off by hackers – how I persevered and won the battle despite almost total defeat (and launched a new website into the bargain!)

Dear readers, how are your new business ventures going? Have you made resolutions to start or grow your business this year? And how is progress against goals so far?

For me, the year started well with solid goals in place and a determination to succeed. I’m already pretty much living my ideal lifestyle but need to increase my monthly income (don’t we all!).

Then …Disaster!

Everything was going well until about two weeks ago when my laptop started playing up. I was getting messages that someone, or something, was trying to change my settings and getting increasing c: drive error messages. I also found my laptop would overheat and then the screen would go black.

On top of this, since last Summer, I’ve been plagued with my wordpress sites being hacked. I have 18 domains registered (five authority or “main” sites, and thirteen niche sites). My hosting company support team have been brilliant and each time I’ve been hacked (3 or 4 times in total), they’ve cleaned up the site and got me live again.

Towards the end of January though I started getting emails from new subscribers saying they were getting a virus or Trojan threat alert when visiting one of my download pages. The hosting company support were saying they had cleaned it, and couldn’t see a problem, but I continued to get anxious emails. If you were one of the people who got the virus alert and emailed me, thank you so much for making me aware of the problem.

What about all the momentum I’ve built up?

By now I, and the hosting company support, were getting exasperated as my women’s way to wealth site was being cleaned and then immediately becoming re-infected. Not only was I worried about what was causing this constant re-infection, people were starting to unsubscribe from my list and I was starting to lose some of the great traffic and momentum that I’ve worked hard to build up.

In addition to guest posting on some popular blogs, such as rightmixmarketing and Jay orban’s reviews, I was a finalist in the Firepole Marketing competition and my traffic and community was building. I can’t tell you the frustration at having to stop all work on my site and all communication with my subscribers while this was sorted out. Then, as my frustrations levels were already increasing, my laptop finally spluttered onto its final legs. So, now I had no laptop, no ability to communicate with my subscribers or fellow bloggers, and my websites had been hacked. Disaster!!!

Time to give up?

It’s times like that that make you want to give up. I felt totally frustrated and really angry that the momentum I’d work hard to build up would take a big step backwards. In the early days of setting up a new online business or blog building the momentum of community is like pushing a boulder up a hill, or launching a rocket into the atmosphere. 80% of the effort is at the beginning, then you only need 20% to maintain it. So, I felt as if I’d got the engines revved and then someone had clamped my wheels.

Various emails and desperate cries for help went backwards and forwards to the hosting company support desk. They suggested two remedies, which I didn’t feel able to handle myself, so I outsourced through People Per Hour. I highly recommend this site if you need help with anything (more on that in another post soon).

The remedies recommended were a) to back-up and remove all my wordpress files and databases, and then completely remove and reinstall the wordpress installation – for each of my 18 websites! And, b) Load a new theme and remove, update and reinstall, all my plug-ins (I have about 12 on each site!).

Honestly. I felt like crying!!

The internet marketing communication dilemma

I couldn’t risk emailing my subscribers (sorry for the quiet couple of weeks folks), because its when you email your list that your traffic spikes and people visit your site. And for once I didn’t want that as it would have flagged up more virus alerts and spooked everyone.

On the other hand, I didn’t want to completely disappear off the radar and not communicate with anyone. It was a real dilemma. In the end I decided to outsource the remedial work – which only took 2-3 days – then re-launch my new site with its jazzy new theme (http://womenswaytowealth.com) – let me know if you like it! And then contact you, my loyal subscribers knowing that I could announce a safe, virus-free, site once again. Which I’m doing now.

The worst thing for me was the fear of sending anyone to my site and them getting a virus threat alert. That’s suicide for any web business. So, I held tight while the clean-up operation took place.

The solution? Or maybe not?…..

Feeling happy that I’d found a great wordpress expert to clean up my sites for me, there was more bad news to come. In fact his second email to me started “I hope you’re sitting down, I have some bad news…” oh dear, not what you want to read when you think you’re on the road to recovery and have found a solution to your problems!

Of my 18 sites, all but 2 were infected – they had been hacked and had rogue html code added to the index.php files and some pages. One of my pages had been hijacked and was forwarding traffic to a Russian Viagra site!

It’s very hard to check every page, every plug-in and every piece of code and what was happening was that because 16 of my 18 sites had been hacked, every time we cleaned one up, the others would re-infect it. A bit like a nasty yeast infection (yuk!!).

Mike, my People per hour, WP expert had some quite draconian, but sensible considering the situation, suggestions. Delete everything on all except the essential sites, for which he would back-up the data files, delete the wordpress installation including all plug-in’s, files etc. and then reinstall. He then painstakingly had to reload all the content files, plug-ins and widgets after they’d been checked and scrubbed.

Hard decision time

I had some hard decisions to make and the end result is that of my 18 sites I now only have 5.

The other 13 were completely deleted and removed. I still retain the domain names but if I want to use them I have to start from scratch, re-install wordpress and recreate ALL the content. Some of my sites had a lot of content (blog posts, articles, links etc) but on 5 of my sites the hackers’ code had wiped out the contents, leaving empty, virus-ridden websites. This had happened to an older site that hadn’t been updated in a while, and my most recent new site that was being constantly updated. Go figure, there’s no logic to the pattern at all.

The big lessons learnt?

  1. 1. Always create non-obvious user names and passwords for your wordpress admin log-in’s. There is a good reason why you shouldn’t use “admin”/”admin” for your name and password. The hackers know people do this (yes, I’m guilty of it too on some of my earliest sites) so don’t make it easy for them to access your wordpress sites.
  2. Keep your plug-in’s updated. Another trick the hackers use is to get into your sites through opt-in forms. So, when you enter your email into the box they can put code on your computer that will infect your pc and your files, collect your passwords and get into your wordpress sites. It’s very clever and very scary, and, of course, you don’t know where the infected code has come from so you can’t avoid it. (side note: one friend of mine mentioned recently that he has a separate email account purely for signing up to email lists – that’s probably very sound advice).

3. My WP expert has also removed the version code from the plug-in’s because the hackers are searching for old versions of the plug-in’s to hijack. You can easily remove the version number so they don’t know which version you’re using, and they will probably move onto an easier target. It’s just like protecting your home, if you make it hard for burglars to get in they’ll just move on to an easier target.

What now?

So, now with a new computer and 5 shiny new clean websites I am back in business, and slightly wiser than before. I’ve changed, and will change on a regular basis, my cpanel and wp-admin passwords, I’ll keep my plug-in’s updated and will be very careful about what I download and from where.

There are also wordpress plug-in’s that monitor your code for likely hacked code and alert you so those have been installed on my site now too. I would definitely recommend you do the same.

And, yes, before you ask, I do have all the usual virus checker software and tools on my laptop and pc, but they didn’t stop the hackers so it’s worth having “internal” wordpress virus protection as well. And if you’re not sure, or it all seems too much, then take advice from people that know about these things. It saved me many hours of trying to work it out, or worse still, giving up altogether when it seemed just too much to bear.

Leave A Reply (8 comments so far)

CommentLuv badge

  1. Cassie
    3 years ago

    Hi Missy, thanks for sharing. I feel your pain. Even worse on your authority sites. I had to have all my files downloaded, WP stripped out, and then everything cleaned and re-installed. It took my tech guy over 3 hours just to clean up Women’s Way To Wealth. I ended up deleting 13 of my 18 sites as it would have taken hours and hours, and cost a fortune to clean them all up.

    I wish you a speedy result and your traffic back again. See Oliver’s video about how you can protect your site from future hacking.

  2. Cassie
    3 years ago

    Thanks Oliver, I’ll circulate to my list, we’ve already had one other person suffering from hacking. I hope this will help others too. Thanks again for taking the initiative.

  3. Missy
    3 years ago

    I am going through the exact same nightmare, except that my story is still unfolding. I haven’t been able to clear the two sites in question yet. Unfortunately, they are my two big authority income producing sites, traffic has all but evaporated right along with the income and I am at the mercy of my tech guy.

    As a non techy, this is all Chinese to me and it’s extremely frustrating.

    Onward I march and hope my story ends like yours – sooner rather than later.

  4. Hi Cassie,

    I’ve heard about so many people having their sites hacked that I thought I would create a couple of videos about protecting your site from being hacked and also how to set up automatic backups of WordPress sites:

  5. Cassie
    3 years ago

    Thanks Robin, do please let me know if you have any other tips on protecting your WP site from hackers.

  6. Robin
    3 years ago

    Being a web developer myself and having seen the chaos this can wreak on unsuspecting site owners, I can only sympathise with what you’ve gone through! I’ve helped “clean out” a couple of WordPress sites myself, and it can be a messy business, unfortunately, when a site gets hacked – the hackers aren’t interested in maintaining the site’s structure, they just want to insert their links into a site and spam as many people as possible. Not at all pleasant, especially if there’s no backed up version of the code available!

    It sounds like you’ve been given some good advice though, and seems like things are back on track. WordPress is a fantastic system but unfortunately because of its popularity, it can often be a target for attacks, so keeping everything locked down is a priority (as you’ve found though, there’s plenty of tools out there to keep the bad guys out :) )

  7. Cassie
    3 years ago

    Thanks Oliver, that’s great advice. It’s all a bit technical for me but it would be useful for anyone using wordpress so perhaps we can chat more offline – or would you like to flesh out your advice into a guest post for my site? Tell us exactly you set up automatic backups and scrubbing systems.

    Nightmare being hacked and losing 13 of my sites but live and learn I suppose! Look forward to working with you on seo, hopefully.

  8. Oliver Polden
    3 years ago

    Hi Cassie,
    I’m so sorry to hear about your sites being hacked.
    The best way around this sort of thing is to have a backup strategy. Set up automatic daily and weekly database backups. You can automatically delete old daily backups that are 2-4 weeks old, and delete weekly backups that are 6-12 months old.
    Next are your site source code files. Ideally these should be in a version control system such as Subversion or Git. Then if you do get hacked you can just run a reversion command. You should also check that the files are not writeable, this will stop anyone that has admin access to your CMS from changing files from within the CMS.
    Lastly you have uploaded files. These can be backed up to a third party such as Amazon S3.

    To bring it all together, you can have a redeployment system that essentially does all the scrubbing automatically and typically takes from a few seconds to a few minutes (depending on your database size) to have your sites good as new.

    Hope that helps,

Social Media Auto Publish Powered By : XYZScripts.com
Read previous post:
Online Marketing Secrets From Denise Wakeman and Danny Iny

The secret? Be visible everywhere. I'm reading a lot of year end "best post" type articles at the moment and...