Howdy mes amis, woooooooo what a crazy couple of days I’ve had and not in a good way. Actually, that’s not true. Things are better now and we’re on a canal somewhere in Alsace. More to come on that soon.
This post needs a strong beverage though, so I’ll be right back after I pour myself a nice glass of wine….. ok back. Just kidding, it’s 7am and I try not to pop any bottles before noon.
So what’s this all about?
You may have visited my site at the tail end of last week and noticed it was loading really slowly or not at all. Sorry about that! That’s because someone got access to my server and did things they had no right to do. Yup, I was hacked. DOH! Luckily they didn’t wreak too much havoc and I got it taken care of right away. Let me explain what happened.
When your site gets hacked
For over 4 years, I’ve been really lucky and had never been hacked. So I guess in a way, it was about time. Everyone thinks it can’t happen to them or that they’re too small of a blogger for anyone to care. Or that a strong password is enough. It’s not.
Some background: I own several domains all hosted by the same company on the same server. A few are expired and 4 are active sites. One of those sites is Oui In France.
So here’s what happened.
A few weeks ago I started getting error messages when I’d be in my WordPress dashboard. Just little things that were easy to overlook as a error like the comment section not loading or a database error. A simple refresh or two would clear that up and I’d thought nothing of it.
Then my hosting provider sent me a few autogenerated emails to tell me malicious files were found on the server and that they were removed. These emails are what confirmed my suspicions and clued me in to the fact I was hacked. The provider was no help at all in telling me which site(s) was compromised, how this person got in (so I could fix it) and what I should do. ZERO HELP. Since then, I’ve switched to Siteground and they are AMAZING. I recommend them to everyone.
So for a day, I was confident that the files were gone and hoped I’d be OK. I waited for 24 hours to see if anything looked weird. Then my site started going down intermittently. When it did come back, it took a whopping 30 seconds to load on a desktop. Not good.
At this point, I knew that my site was compromised and that fixing it was beyond my tech abilities.
I immediately contacted Michael of Expats Paris because I’d read an article on his site about his hacking situation a couple of months back. He responded right away, totally understood, and pointed me in the direction of a tech friend of his. (Michael is awesome and could have just ignored my message, but he didn’t.) This was 11 at night and his friend replied and then pointed me to his friend who had more experience in WordPress. This friend took a look for free and spent time trying to help me figure out what was going on. I appreciate Michael and his friends’ help so incredibly much.
Once I learned what I was dealing with, I then contacted the wonderful Chris of RTW Labs after reading about how he helped Alex in Wanderland back in 2012. And wow. He not only responded right away, but figured out what was going on in about 10 minutes and was confident he could clean it up. And he did. For a reasonable price. I wholeheartedly recommend Chris if you get hacked. This is what he does not to mention he answered all my dumb tech questions. And he’s nice. 😉
So how did this hack happen?
The hacker found his/her way in through an outdated Joomla install on one of my other sites that was created back in 2012. It was a static site, not a blog, and because I didn’t use it anymore I more or less forgot about it. Completely my fault.
Due to an outdated version of Joomla, the hacker found his/her way in through that site and gained access to my server. I’m actually surprised it took them this long to hack me. They installed files and programs on every single domain I own and went for maximum impact so that if you removed one section it could re-infect itself in another way. Chris said they “essentially built themselves a web of back doors into my site to make it hard to get rid of them.”
Luckily we stopped the hack before my sites were compromised further. I was lucky in that regard.
Getting hacked was supremely frustrating or a couple of reasons.
The first reason is the stress of it all. When you have other things on your plate, it can be very overwhelming to have to deal with a hack and you feel violated. Some jackass breaks their way into something you created and it’s a real mess to deal with — from figuring out where the issues are and then having the know-how to find someone competent enough to deal with it. You don’t just want to clean up the water from the leak but fix the pipe entirely, so to speak. I don’t like being stressed out by stupid tech stuff. My blog is really important to me and even having issues for only 2 days was really frustrating.
The second is the cost factor. My blog is my hobby and earns about $7/month in Amazon affiliate commissions. It costs me much more money to maintain including hosting fees (that are way more than $7/month), domain cost, Mailchimp fees, etc. etc. etc. To get a security expert to clean up a hack freaked me out in terms of what it could cost me. Chris linked above is reasonable though.
I can’t make that decision for you. Do you have money to spare? Is your blog a business and does it make money? Are you tech savvy? I will say that at the very least, make sure you have a strong password… something impossible to crack like f8Si^.00)3kgj#Fd&Wj! (I use LastPass to manage all my passwords so I have strong ones and don’t have to keep track). Another biggie is that you keep all your themes and plugins up to date. If you think a hack won’t happen to you, you’re wrong! Thousands upon thousands of sites are hacked every single day.
Luckily things are back to normal around here and I’m grateful for Chris’s help. If you get hacked, email him (not a paid endorsement. Just super impressed with him and how he cleaned everything up for me. I was happy to hand over money at the end of this mess.). Then switch your hosting to Siteground. Like night and day.