It all started last Friday evening when I started getting emails saying that my various sites were redirecting to other places on the Web. Most of the redirects were trying to sell something (like the Google Play Store) but none of them were pointed at my blogs, podcast or personal website URL. I tried to log into my my sites but was locked out as an admin. Oh, no. What is this new kind of hell? I’ve been hacked!
Then came the frantic calls to my site hosting partner Hostgator, where I was referred to their online security team. $1,200 of SiteLock protection later and it was wait and see what the virus scan came up with. The scans came back the next day. The sites were now clean – sort of – but I needed to restore them all from a backup just to be safe.
Okay, now it’s back to Hostgator. “Please restore my sites from a backup before March 26th.”
“No problem but it will cost you.”
Me getting my credit card number ready again – “Yes, but I need to be online yesterday. Just do it.”
“It will take up to 24 hours.” Uuggg. No choice.
24 hours comes and goes, I’m not online yet. My sites no longer redirect, but they just show a blank white screen. Is this better? I guess so. In the meantime, Google is telling me that it’s penalizing my sites because my backlinks to the thousands of posts and podcasts no longer work.
24 more hours – still nothing. Calls to Hostgator and to the security team (a third party not a part of Hostgator, it seems). “We’ve escalated this to our highest priority and it will all be back online in 24 hours.” Yes, and that’s what you told me 2 days ago.
24 hours goes by, still nothing. Finally I call a manager who’s been helpful in the past (something I should have done right in the beginning, it turns out). It takes 24 more hours, but surprise – everything is back. Still not perfect – one more security scan, but at least you can now read blog posts and hear podcasts.
So here we are nearly a week after the first incident and it looks like everything is back to normal. It’s the first time in 11 years I’ve missed a blog post. It’s the first time in 8 years I’ve missed a podcast post. I feel horrible about this, but it was out of my control.
I’ve had my issues lately with Hostgator, but they’ve always tried to work with me, are always beyond courteous and try to be helpful, and are, for the most part, knowledgeable. I find it difficult to get angry at someone who’s at least trying their best (or makes me think that’s what’s happening).
How was I hacked? No one can say for sure. I use a WordPress theme by Thrive called Luxe, and there was an update email that came through on Monday (3 days after the sites were initially hacked) saying to update immediately to cover a security problem. It could have been there. Then again, I was buying a new car and waiting for edocs to come through from DocuServe. I might have been phished there and then put the worm on my Hostgator account.
Whatever the case, SiteLock now says everything is cool and back to normal. Thanks for sticking with me. You’ll see my normal schedule of posts starting again on Monday. I will not cheap out when it comes to site security in the future!