Y’all, we got hacked.
A few weeks ago, I noticed the back-end stats of the website going wonky (insane amount of processes running, constant downtime notifications), and after some rudimentary detective work, I figured out that my site/space was being used for Bitcoin mining. My guess is they got in through a unsecured, out-of-date WordPress plug-in.
I killed the site to stop the mining/resource hogging until I could figure out how to fix everything. Given the circumstances of the attack, we were able to save a lot of it (the posts, the overall structure, and the basic, un-tweaked version of the theme), but some aspects had to be dumped to ensure we got rid of every last bit of the bad code.
Unfortunately, one of the things we lost were any pictures hosted by the site itself. We had been working on moving pictures off to other storage spaces and re-linking them due to hitting my host’s space limits already, but I’d only made it up to about mid-2015 by the time we got hacked. My apologies for any recipes/pages you hit that have no pictures on them right now–I’ll be spending a lot of time over the next few weeks re-linking/uploading all the pictures for the posts. I have them all on my laptop, but I basically need to reconstruct about 2.5 years worth of work.
Thankfully, I didn’t have to say goodbye to over 3.5 years worth of work, time, and effort. I’m very lucky to have been able to save any of it, and even more lucky that it wasn’t worse.
- Don’t use a ton of WordPress plug-ins, and if you do–make sure they’re trustworthy, secure, and updated often.
- Watch your stats like a hawk–I could have caught this earlier, but I wasn’t paying close attention until the “SITE DOWN” emails started flooding in.
- Don’t just delete things willy-nilly when trying to stop the bleeding–I deleted an important database file when I was frantically trying to bring the site down and it cost me an extra week or so in downtime to repair that mistake.
- BACK UP your site in multiple places–it’s an old IT saying: it doesn’t exist if there’s not at least two copies of it.
- Backups helped in this case, but not entirely–the bad code was throughout the site, restoring blindly from a backup would have just started the problem over again. However, it’s still a VERY good idea, since we were able to pull the posts and some of the other essential parts out safely.
Thanks for sticking with me throughout my trials and tribulations. I’ll be getting back on track here shortly. Stay tuned!