Well, I wish I could tell you that my extended hiatus from writing was due to an onslaught of summer visitors and too many whale watching trips, but alas, my website was hacked! This meant I couldn’t post anything until it was fixed for fear of passing along malware or a nasty virus to an unsuspecting visitor.
Even worse, my tech guru was on vacation! It was as if someone knew exactly the worst time to hack my website. This was the reason it took extra long to figure out how to fix it. Then I waited a few days after it was fixed to make sure it didn’t happen again; the last thing I wanted to do was proceed as if things were back to normal and then wham, it happens again.
But many hours and tense moments later with my wallet 300 dollars lighter, my website seems okay. The craziest part is I still don’t know exactly what happened!
No one at the company that provides hosting services for my website could tell me what happened, several people who helped seemed to think someone accessed the password to the server side of my website. (I won’t name the company just in case that helps keep my website a tad safer.)
Another theory was that since I was a bit lax on keeping WordPress up to date, that someone accessed my website through some hole in the template. You see, WordPress is like every other computer program out there, it has tons of updates coming out all the time that you have to keep up with, just like downloading Windows updates for your computer.
The $300 went to purchasing a service that constantly monitors my website for changes, attacks, viruses and malware. This company also couldn’t tell me what happened, but they were able to update WordPress for me and delete all the malware on my site. (If you are interested in this service, contact me and I’ll give you the information.)
Google also proved to be both helpful and annoying. As the master internet search engine, it trolls for malware to protect unsuspecting searchers from hacked websites. Once Google realized there was a problem it blocked access to my website, of course no one at Google bothered to let me know, but at least no one could get through. Oh and did I mention that my husband’s website was hacked too?!
We wasted a lot of time talking to the host server company tech support, they would delete the malware for us, then we would contact Google to request that our websites be taken off the “black list,” only to have the websites hacked again and placed back on the black list. This series of events happened three times when I finally decided enough was enough and purchased the monitoring service for both of our websites.
This has been an extremely frustrating process to say the least. I’m telling you all of this in case something like this happens to your website, there’s help out there, but it will cost you. Lessons learned: keep WordPress up to date, pick passwords that are insanely long and bizarre and spend the money on a monitoring service before your website is actually hacked, you could save yourself a lot of trouble.