They Got Me Again!

Scott Costello Blog 12 Comments

monster_hackedLast night I settled down to my computer and had plans on writting an article or two for my “local blog”.   I typed the address realestateinnorthernjersey.com/…. to get to my admin page and I got a page not found….Hmmmm…that’s odd I thought.

I then tried to view the site directly and I got a big “YOU’VE BEEN PHUCKED!” message.  Pannic sets in as I frantically check this blog and sure enough the same, I then checked all my other sites and all the same.

I ftp’d into my account to find all my sites have been deleted and replaced with one file named phucked.php.

Splendid!!

This is the second time my site has been hacked in 4 months.  The first time it was all my joomla based sites, but my wordpress site was spared.  This time ALL were deleted.

The good news (as you can see) is that I had backed up this site last week so I only lost a few modifications that I quickly fixed.  Lesson learned again.

I suspect that one of my plugins has a security hole that some hacker exploited using some php script.  Does anyone know how to figure this out?  I use Login Lockdown for my admin pages, but not sure what else I should use to protect against hackers in the future.

In any case I’m now on the hunt for a backup utility that can be run quickly for when I make updates.  I was lucky as I didn’t back up my database which would have been catastrophic.  I will be backing that up right after this post.

Only a minor set back though…Moving on 🙂

Follow me

Comments 12

  1. Right now I’m backing them up on my local computer. I used FTP and downloaded the site and then zipped it up. I’m still investigating the tool winSCP that will sync up files on your hard drive with the files on the host server. This will make life easier. The database on the other hand has to be backed up using a utility from your hosting service.

    I remember you saying your blog is still hosted by wordpress so I don’t think you have to worry, but if you were to use wordpress hosted by another hosting service then you should back everything up.

  2. Post
    Author

    Right now I’m backing them up on my local computer. I used FTP and downloaded the site and then zipped it up. I’m still investigating the tool winSCP that will sync up files on your hard drive with the files on the host server. This will make life easier. The database on the other hand has to be backed up using a utility from your hosting service.

    I remember you saying your blog is still hosted by wordpress so I don’t think you have to worry, but if you were to use wordpress hosted by another hosting service then you should back everything up.

  3. Yeah its hosted by WordPress today but within the next week or two it will be hosted by HostGator which is hosting my squeeze page. I figure I should make the move now while it won’t be as much of a pain (I think I have to reload all images, etc). I decided to move it because you can’t use any plug-ins at all when hosting on wordpress.com. I want more flexibility so I’ll definitely have to deal with backing up files. My thing is that I do NOT remember to do back up myself…it was to be automated or I’ll forget to do it.
    .-= Shae´s last blog ..Phone a ringin’ and buyer leads a comin’…and accountability =-.

    1. If you leave your old blog up then you will still see the images when you port it over to your hostgator site. The reason is that the new site will be linked to your old site. You could copy all the pictures over and then remap all the links but in my opinion it wouldn’t be worth all the fuss. If you ever need one of the pictures on your new site, then upload it.

  4. Yeah its hosted by WordPress today but within the next week or two it will be hosted by HostGator which is hosting my squeeze page. I figure I should make the move now while it won’t be as much of a pain (I think I have to reload all images, etc). I decided to move it because you can’t use any plug-ins at all when hosting on wordpress.com. I want more flexibility so I’ll definitely have to deal with backing up files. My thing is that I do NOT remember to do back up myself…it was to be automated or I’ll forget to do it.
    .-= Shae´s last blog ..Phone a ringin’ and buyer leads a comin’…and accountability =-.

    1. Post
      Author

      If you leave your old blog up then you will still see the images when you port it over to your hostgator site. The reason is that the new site will be linked to your old site. You could copy all the pictures over and then remap all the links but in my opinion it wouldn’t be worth all the fuss. If you ever need one of the pictures on your new site, then upload it.

  5. Hey Scott,

    It turned out to be a lot easier than I thought….the files transferred over with no problem. The only reason the transfer took me about 3 hours is because I went back a tagged everything and re-categorized. But I’m back in business! Do me a favor please and update your Blogroll link to be http://www.goodfaithinvesting.com instead of the wordpress hosted one. Thanks Scott!
    .-= Shae´s last blog ..Tonight’s seller lead calls =-.

Leave a Reply

Your email address will not be published. Required fields are marked *