If you stopped by my blog yesterday, chances are that you saw a simple message on the screen instead of my usual post. It started last night when I was getting ready to write my usual blog post around 11:30 at night. I pulled my Mac onto my lap and logged in to WordPress only to find that my Dashboard page was all messed up. This was a little concerning so I bailed out and pointed my Google Chrome browser to my blog only to find a warning screen alerting me of a malware threat on my site.
This isn’t the first time I have seen this warning pop up for my blog. The first occurrence happened a few months ago. With that previous episode still fresh in my mind I quickly went to my FTP program and downloaded one of my PHP files to quickly take a peek at the code under the hood. For those of you that don’t know, PHP is the scripting language that WordPress blogs are built on. When I opened the file in Dreamweaver, my fears were confirmed. There, at the top of the file, was a huge block of text that should not be there. Yes, it was the dreaded hack, just waiting to send unsuspecting visitors to some nasty malware sight.
The first thing I did was to quickly create a simple new index page in html to post up on the server in place of my normal blog. I did this for two reasons. First, I didn’t want Google to search my blog and find the malware redirect. This would put me on their naughty list, which can take a while to get off of. The second, and more important reason for the new index page was to keep you, the unsuspecting reader from possibly getting infected by coming to my blog. I take great pride in putting out a quality website for you and the thought of harming your computers and putting you through malware hell really bothered me. That’s why you might have seen that simple message if you stopped by yesterday.
The Fix -
So with my blog in temporary shutdown mode, I decided to catch a little sleep and worry about it later. By the way, I forgot to mention that the nasty bit of code seen in the image above had not only infected my index.php file but about 1400 other files. It was a massive infection that was beyond my meager web skills so I did the only thing I knew how to do, I called the smartest web-savvy guy I know, my buddy RC Concepcion. RC had helped me get rid of my last hack attack, which was very similar to this one, so I was sure he could probably help me out again. What I didn’t know was that RC had a new strategy for dealing with my problem and it had to do with my hosting company, GoDaddy. The last time I was hacked, RC downloaded my entire site and scrubbed the offending script from all my files but this time, he turned to a tool on GoDaddy to quickly get things back on track.
See, GoDaddy has a this great feature that I didn’t even know about. It’s kind of like the Time Machine feature on my Mac. Located in the hosting tools on GoDaddy is something called the File Manager. The manager works like any other file browser and shows you the files from your website. But it also has a great little feature that lets you go back in history to a previous day and restore all your files from that point in time. So that’s just what I did, I picked a day when I knew my blog was working well and restored the files and BAM, everything was back to normal. GoDaddy and RC had saved the day, and hours of my life that I was planning on using to fix my blog.
So here’s my advice to you future blog owners; you should seriously consider using GoDaddy as your hosting company. Their service is rock solid and they have some fantastic tools that make their service worth every penny. My other piece of advice is to find yourself an RC. No, you can’t have mine but you can borrow him by way of Kelby Training. He has a ton of training videos on Dreamweaver, WordPress, and other web related stuff that will help to prepare you for the world of blogging.
As for me, I’m going to get some sleep and rest up for a weekend of book writing. Have a great, hack-free, weekend.