Just a quickie…
My site recently got hacked. I didn’t know that was even a thing. But it would seem the hacker got in through the backdoor and changed some posts, including my most recent one. If you came here via my newsletter link and wondered where the posts had disappeared to, I apologise.
So anyway, I did the normal thing. I panicked. Then regrouped, rolled up my sleeves, made a pot of tea and got to work. I am the least techie person in the world so this was all very scary. But if you run your site through WordPress I recommend you do the following if it either happens or to prevent it happening to you.
- I put my site to a standard WordPress theme – I used Twentyfifteen, and disabled all plugins, deleting any I don’t use. I recommend you delete any disabled ones you have asap.
- I deleted the affected posts. Shame about all that hard work for nothing, but heyho, no biggie in the great scheme of things.
- Contacted my hosting company to check everything was OK there. It was and they recommended the following:
- Downloading Wordfence plugin and running a scan. Bingo! It found the rogue in one of my theme’s .php files. So I deleted the theme pronto. I’m keeping Wordfence running all the time now.
- Downloaded another plugin that limits log in attempts, changed my password and activated 2 step authentication just to be sure.
- Then bought myself a beautiful new theme which I will start working on later this week, and I’m very excited about! Please excuse my ugly site for now, but hopefully it’s on lockdown, belt and braces style.