aka Lessons From an Outage, Part 2…
Talk about deja vu all over again!
Last month my sites were down 3 days due to a server issue. This past weekend was the same thing.
Only not quite. You see, this weekend I wasn’t down due to hardware errors, it was due to the nasty, mean-spirited, low-life, oxygen thief of a hacker that shoved all sorts of code into my (and many other WP users’, from what I understand) sites. And it wasn’t even the obvious kind of hack. The I’m-going-to-send-your-readers-to-pr0n sort of hack. No, it was the shove-code-in-every-available-nook-and-cranny hack that had my sites hogging up the RAM on my shared server and got my username blocked for 3 days and all my sites coming up 403 Forbidden.
I even tried to work around the block with additional user names but that didn’t work, either.
Finally, my 3rd woe-is-me-why-won’t-you-help-me-help-you email found the right set of eyes on Monday and my user account was unlocked, my sites reappeared, and I started the long process of putting things to rights.
Actually, if I’d opted to just leave things alone I *could* have gone back to normal Monday night. But this experience taught me a few things and I’m in the process of implementing them so that this doesn’t happen again (or, if it does, at least not on the scale that it happened this time). Because I know a lot of you host one or more WP blogs yourself, I thought I’d share.
Some of these may be obvious, but they weren’t obvious to me until I found myself on the wrong side of them:
- Having several domains under a single user might seem like a good idea…
Basically, because all of my sites were under 1 user, when 1 site got hacked it was easy-peasy for the hack to spread to ALL of the sites under that user. Having each under a different user might require jumping through extra hoops on the server side (and a lot more passwords to keep track of!) but it would have kept the non-hacked sites up and running.
- Update everything or delete it!
Another duh one. I mean, I knew that outdated plugins could be a vulnerability, but I didn’t realize that a non-active plugin could be a threat. And don’t get me started on the 60 themes WP comes pre-loaded with. Once you’ve picked your theme, delete the rest of them to avoid having to maintain them. Same goes for plugins.
- Keep in touch with your host.
Don’t think you’re being a pain for trying to get answers. Yes, a lot of the maintenance and competence rests on our shoulders, as bloggers, but they can at least point you in the right direction. And be persistent. If emails aren’t getting a response, check for a Twitter account or a status blog, you may find help there. Same goes for user forums–that’s how I found out the WP hack wasn’t just me, but many users.
- Look for another way out.
I’d read up on reinstalling WP and linking them to the old databases but it just made me tired thinking about it. Monday I was fed up enough to try it and it turned out to be easier than it sounded. (Well, once I figured out what I was doing wrong the first 3 times.)
- Keep good backups.
I think I said this last time, too, but it’s so important. I would have been able to get all of my posts back, sure, but images aren’t stored in databases, only the links to them! Since I hadn’t gotten around to backing up all my /uploads folders, if my user account hadn’t been reactivated I would have had to re-upload years’ worth of images. I shudder to think at the headache that would have been with Random Acts Comics!
I hope none of you had to go through this latest attack, but if you did, I hope you were able to come back stronger than before. That’s what I’m doing!
That sucks! I’m glad you got it all figured out. Sorry that happened, that’s the worst!