To any of you out there with a blog run by the WordPress platform, here’s a warning to all of you: Keep your WordPress software updated. I was taking the “it works fine” mentality on my software and not updating for at least 6 months. Big mistake. One of the fixes that I did not install was a vulnerability in the database. This vulnerability allowed a hacker to hack into my blog, create a new user account, and create about 40 spam postings. Not comments, but actual postings. The postings were post-dated and did not show up on the “front” of the blog so I never noticed them.
My only clue to their existence came in the form of an email from Google saying my site had been removed from their index because of spam. I thought it was spam comments that slipped through the spam catcher but was horrified to see the damage that was done. It took some time to sift through my blog and delete the offending posts.
Worse though, was that after being removed from Google’s index, it took about 2 months to get back in. The old adage “A website not in Google’s index practically does not exist” is very true: Removal from the index all but makes your site invisible. Traffic from keyword searches was cut by more than half.
But alas, a happy ending. Last week I finally got back in the index, this time with updated WordPress software and a changed password in my court. As a soapbox moment, I can’t help but point out the absence of ethics of spammers who hack into people’s blogs, and get the blog banned from a search index. That is pretty damaging. Thankfully I don’t make money off this blog. If I did, it would have done serious financial harm to me. My guess is if this were done to a bigger cat in the blogosphere, like one of the many blogs owned by Time-Warner, these spammers could be facing litigation seeking damages. That said, the offenders are probably in Africa, Russia, or some other place outside of US government reach.
Wow Peyton, I’m sorry to hear that. I’m not at all surprised it happened to you though. I’m sure your site (http://www.accphotos.com/) receives a ton of traffic, and those sites tend to be the ones that people go after.
I try to stay out of hosting public sites unless it’s just static pages. Apache is pretty resistant to attack, but every now and then a new vulnerability is discovered. It’s difficult to keep up to date with all the latest patches, and I like being able to pay people more qualified than me to maintain something.
A few weeks ago we installed MySQL server on an older Linux server (I think it was running Fedora 5). Somebody accidentally set it up to listen on all network interfaces rather than localhost. About 11 hours later somebody overpowered the MySQL server and compromised the server. From there they launched a bunch of attacks against other networks and started spewing out spam. Our subnet was blackholed by a bunch of networks and our SMTP servers (Google) were on the blacklist by several spam houses.
It took us several weeks before we had fully recovered. It was such a pain in the neck. From now on we try to rely on others to host our infrastructure.
I’m happy to hear you climbed back into Google’s index.