Why my site has had issues

NO fab five for today.  I am using this post to explaining the craziness from last week when my site was down.

Last week I got an email from a reader letting me know my site may have a virus.  She told me her computer crashed when visiting my site.  She had to wipe her hard drive clean. Once she got everything restored she said she went to my site and it crashed again.  I told her I would check into it and told her, I hadn’t heard from any other readers so maybe it was just her computer.

That same day, I was going to add one thing to a post before going to bed. I was trying to do some last minute changes to some scheduled posts before I headed out of town for 5 days for my brother’s wedding. I couldn’t get into my dashboard. There was a message saying my site has malware (malware is a shortened name for malicious software). First thing I did was call the company who hosts my site, Bluehost. I spoke with someone in tech support and shared what was happening.

This is what many of you saw when you tried to go to my site.

The guy said it sounds like my site had been compromised and I needed to get in touch with a web site security company like Site Lock, who they partner with or We Watch Your Website. I had no idea I needed security for my site!

So I elected to go with Site Lock.  I purchased their basic plan and had it scan my site.  I got a better price through Bluehost than through the site itself.  So, if you want to get some security for your site check with your host first.  You  maybe able to get a good price.

So of course after they scanned the site it found malware on my site.  Surprise, surprise!  It found malware in 501 of 501 pages scanned and over 4,000 infected links.  So then at this point there was an option to have Site Lock look at the issues with my site for $60.  This fee is just to have them investigate the issue then they would give me a quote for the repair.  I went to bed that night hoping it could be repaired quickly and not cost me an arm and a leg.

I left for my brother’s wedding Thursday morning.  I had a long drive to Keystone Colorado. I got a call from Site Lock about 1 pm asking for my log in info so they could get into my site to give me the estimate.

Friday morning I got a call from Site Lock telling my my site was basically taken over by a hacker. My hubby spoke with them for me. The estimated cost to repair my site is normally around $900 for the issues I had, because it was going to take a whole day to fix it. However, the girl said she spoke with her boss and since we paid to have the monthly service she got her boss to let her go down to $450.  (This was probably just a sales tactic.  However, I did estimate it would probably be around $500 to repair the damage.)  I really needed to get my site up, so I gave them my credit card number and had them move forward with the repair.

Apparently, WordPress sites are more easy to hack. The hacker could have got in through my admin page, through a comment, through a plug in, etc. Anywhere on your site that allows input, they can get in. When I received the quote they also gave my hubby a long list of fees of different things to help prevent this from happening, but there is no way to COMPLETELY prevent it. One thing you can do is a WordPress hardening. My hubby looked that up and luckily he can do that one for me. For Site Lock to do it, it was $150. The other thing is you have to do this hardening anytime WordPress does a total version update.

Friday night I got the call the site was repaired and they were sending in the info to Google to get me off their blacklist. Then Saturday morning, Goggle had me off their list and the site was back up. I must say, I was pleased with how quick Site Lock got things done.

So learn from my mistake. Protect your blog if you have one. You don’t want to end up like me. If I had Site Lock doing the scans for me before this, it would have found the initial breach and the repair would not have been as costly.

I also added a captcha code plugin when you comment.  I know it is a bit of a pain to do when you leave a comment, but it will prevent hackers from getting in that way.

13 comments on “Why my site has had issues

  • Loy told me that you’d had this happen. This is what my site is going through right now. I have website protection from Go Daddy (wonder if that’s similar to Site Lock?), so I got a warning and they walked me through removing the code the hackers installed. I’m still waiting for google to flag my site as ok. So frustrating!

  • So glad you got this fixed cuz google sure wouldn’t let me even look at your site & it said it sent you messages that your site was compromised.

  • I kept getting messages when I would come to the site too and couldn’t figure why my antivirus thought a cooking site was malicious…now I know! Thanks for the explaination. I don’t have a blog, and didn’t realize all you have to do to keep one going. Glad you are ‘clean’ now 🙂

  • Thanks so much for taking the time to explain and to give us some helpful tips to protect our own blogs. What a pain though! And Im sorry but it sounds like you spent over $700 to fix your site…what a trooper! Seriously! So sorry this happened to you, but thankful for the help you shared with us.

  • I knew something was wrong when my computer would not let me go to your blog, I just didn’t know what it was.Thank you for explaining. Glad you’re back!!!

  • Laura, I appreciate your explanation about what happened to your site. I know that I attempted to access it twice on the same day and the first time it was fine, and the second time I got the Google warning. I then got the Google warning when I attempted to access my own blog because of a link I had to your site in one of my Friday Finds. I just ignored it because I had nothing else that said my blog was compromised. I don’t know if any of my readers got a warning about my blog. I am so sorry that this happened to you. You are the second blogger that I know of that has had situations caused by people who are up to no good. Why, oh why do they have to do this?

  • I know what you are going through, because I spent 8 hours on the phone with dell because my hard drive crashed. Luckily I still had one more month warranty and was able to get it fixed at no cost, but the stress it caused me was enough! I love your site, it’s helped me many times when I didn’t know what to make for dinner! Glad to see it’s getting fixed.

  • I totally understand what you’ve gone through with this hacking. I got the same problem two weeks ago. In fact, there was a vulnerability issue with the timthumb script that is used by your theme. The hackers use this script to enter the wordpress site and open what we call a backdoor allowing them to upload files to your ftp.
    In fact, there are 4 files that are touched by this hack : .htaccess (some code is added at the very bottom (some empty lines are used to hide the code)), wp-settings.php (some code beginning with google_bot at the end is added, you have to delete it), wp-includes/js/l10ns.js and wp-includes/js/jquery/jquery.js. You have to reupload those two last files from a fresh wordpress folder, update your wootheme and the timthumb script that is included. After, change all your passwords, from the administration to the ftp. Then it should be ok!

  • So glad you got everything taken care of! I am in the process of switching over to WordPress…so glad I signed up for the SiteLock! Have a great Holiday weekend!!

  • Now that I think about it, I got a thing from Norton saying that a malicious attack on my computer was blocked.. and I was here.

  • It’s sad that there are people who hack into sites – what is to motive? I just don’t get it! I’m glad you were able to get things working again!

  • My computer crashed as well the last time I visited your site. I didn’t make the connection though! Glad everything is resolved on your end. I was able to restore all my stuff as well…thankfully!

  • Glad to hear everything is back to normal. I was really shocked when I got that same screen saying your site was unsafe. I thought it was firefox being finicky.

    I never understood what would make a person want to hack into someone’s site or email.

Leave a Reply

Your email address will not be published. Required fields are marked *