*** These posts are a a little more journal/stream of consciousness oriented, giving you a candid look into the ups and downs of being a new blogger. I hope that these posts will be helpful to you on your blogging journey. Shanna ***
Twice in the same week. I am not sure if I am cut out for this while blogging thing anymore. My heart just can’t take the stress.
Tech support told me that someone had injected malicious code into my WordPress installation. I felt like a parent whose child had been beat up by a bully on the play ground.
I frantically e-mailed back and forth with tech support while they helped me with re installing Wordpress and restoring my files.
So, unfortunately, I have learned the hard way that being hacked is just an inevitable part of playing the game of being a blogger.
My ignorance removed now, I have taken steps to implement tougher security measures (and hooray for daily backups! If you aren’t using some sort of plugin for backing up your files, you should be!)
We never did figure out exactly how they got in, but my tech support angels did give me some good ideas about how I could make my blog more secure:
Here is a list of lessons that I learned the hard way last week:
1) Just because your blog is not very big, or because you don’t make any money off of it does not mean you will not get hacked! There are obviously just too many malicious geeks out there with too much time on their hands. Assume that it will happen, and make a plan ahead of time.
2) You should install some sort of security plugin on your blog. Here are some ideas:
3) BACK UP YOUR FILES! Don’t wait. There are lots of plugins to do this for you. Find one and install it.
4) Getting hacked will hurt your stats. My traffic levels have gone down significantly, my Alexa rank went down and I lost RSS readers. It was as if everyone ran away, afraid that I was going to give them some sort of nasty, contagious virus.
I estimate that this has set me back 3-4 months, which just means that I will need to work extra hard now to recover and bring that number down.
5) Keeping WordPress and all plugins up to date can help keep you safer.
6) Get rid of your standard issue “Admin” login in WordPress. It is too predictable. It is like leaving your back door open with a red flag that says “Rob me.”
7) Delete any extra themes that you are not using, particularly the standard issue ones that come with WordPress. No sense in leaving extra files around for someone to tamper with.
Have you ever been hacked before? What steps did you take to recover from it, and how long did it take?