What To Do When Your Blog Has Been Hacked

Chris Davies·January 3, 2014·4 comments

Really, there’s only three things to do when you get hacked.

  1. Fix it.
  2. Apologize to your readers.
  3. Make sure it doesn’t happen again.

My last blog post went out looking fine to me. Then Josephine tweeted me with what I though was a joke about me going to the gym. I’d also had a previous hack experience at the start of December.

What people saw when they got the post emailed to them was this (thanks to Sharon for catching it and letting me know).

Now I’ve taken a bunch of time to clean it, secure this and several of my other sites and I’ve started using SiteLock to help prevent this from happening agin. If you’re having trouble reading or commenting, let me know. For the moment we’re praying we’ve got this locked down and that Google continues to not worry. Traffic is still steady.

It’s easy to fall into a lull where you don’t look at your websites and take the time to review their security.

Chris

Related posts

4 comments

  • Julie Broad
    10 years ago Reply

    Hey Chris –
    It happens to all wordpress sites at one time or another … I just had it happen again myself. This time we suspect it happened as one of our team logged into one of our sites from a hotel and sometimes that’s all it takes if that connection is not secure. Our host (host gator) is amazing at assisting with the issues.

    Hope your new year is off to a great start,
    Julie

    • A
      Chris
      10 years ago Reply

      Thanks Julie, I’ve been contemplating switching hosts and I get a lot of questions on the topic. I’ll check out Hostgator too.

  • JimW
    10 years ago Reply

    Hi Chris, I’m interested to learn about how you cleaned up and secured the sites. I run a bunch of wordpress sites and they’ve all been hacked at some time or another despite keeping up with updates, not installing plugins, etc. I basically consider restoring from backups a cost of doing business with free WordPress (ie, not hosted by wordpress.com). Got any tips?

    • A
      Chris
      10 years ago Reply

      Really, I went through the usual cleaning of files, resetting file permissions, cleaning out users who aren’t real users. I used the Netfirms people to clean it the first time and the SiteLock folks the second. I’m using Sitelock and it’s been great – a little pricey but worthwhile I think.