“Your site is down”… these four little words strikes instant panic and shortness of breath into bloggers. Was my block hacked? Is it a server thing? Is it… something else? Arrrrghhhh! The stress of how long has it been offline and the concern about how many people have tried to visit and won’t be back as a result are imminent. It doesn’t matter how chill you are normally or how good you think your security is, you immediately jump to the worst conclusion, I’ve been hacked!
The Day My Blog Got Hacked
Which is my case is exactly what happened. One minute my ‘mummy blog’ was fine and parents were actively leaving comments and reading articles, and the next my whole site was in lockdown! I could not access a single thing. It was almost as if I had as much control of MY own website as someone who had never even heard of my blog.
Panic. Hyperventilating. Heart pounding chest. Ok maybe not quite but anyone who has had their blog or website hijacked knows all too well the feeling I’m describing.
But I had security…
About 12 months ago I experienced a minor breach in my security. No real damage was caused but images were changed and redirected elsewhere. This was fixed pretty quickly so I increased my security and forgot about it. Until this latest hijacking.
The first I knew about my site being ‘down’ was when readers started messaging me on Facebook sending screenshots showing me the errors they were receiving. Thank goodness I have caring fans that took the time to tell me and that I had Jetpack Monitor set up to alert me when my site goes down.
From there my host notified me that my URL was placed on the Spamhaus blocklist as a result of a malware attack that was of serious risk to causing damage. They shut my site down to protect not just my parenting blog but other websites using the same host as me until I could rectify the issue and prove that the malware had been removed and my site was free from viruses.
Time to take action
It was almost like going into shock. You just act and hope you are doing the right thing. Thankfully for me, I know I am not equipped to handle anything like this. I don’t like making minor edits let alone serious stuff.
So I was left with two options. 1) Ask and wait for someone to help and pay them for their services. Or 2) Pay a well-known blog security platform like Sucuri to be my knight in shining armour. I opted for option 2 out of desperation.
Now armed with a new $300+ security subscription the tech gurus have restored my site, removed the malware that had caused my site shutdown and I am back online. After 16+ hours! A lot longer than ideal but at least it is virus free and I am protected from here on out.
Tips to prevent malware attacks
You may not be able to prevent being hacked or having malware embedded in your site but you can take action to minimise the risks of falling victim to cybercriminals.
- Update – whenever an update is available for your blog themes or plugins, DO IT!
- Security – get good security that sweeps your site more than once a day and checks all files. Kirstan from KDesign says “Often malware will be planted somewhere you might not look; like in unused theme folders, upload folders, outdated plugins, or even other folders in your account unrelated to WordPress”
- Passwords – change your passwords often. All of them. Not just your admin login, every users password, your cpanel password, the whole bit!
Over the past few weeks I have seen bloggers mention that their sites have been hit with malware, but you always just assume it won’t happen to you. Guess what? It just might.
The saga is now over for me and while I am still a little shaken, I am so grateful for the team that acted promptly to remove the malware and restore my site. If you don’t have good blog security, GET IT NOW!