Services for WAHMs
WAHM Free Newsletter
About Allie and Ramblings of a WAHM

Protecting Your Mom Blog and Business from Attacks

Protect your Mom Blog and Business from Attacks

April 2013 “Brute Force” Attack on WordPress Blogs

Last week, along with 90,000 other sites, my site received a file that was flagged as Malware.  What the hackers are trying to do is get into sites that kept the login name “admin”.

I had been warned numerous times to change my login from “admin” to some other name, but I figured if I had some crazy, funky, long password hackers would never get into my site.  Well, I was wrong, sort of.

They were not able to get in but they did place a file within my site that somehow tries many different passwords until it does breach.

What Did I Do?

First, I became very scared.  I felt lost.  I felt I was going to loose my blog and my business, I did not want to start over.

I don’t know anything about certain files that are kept with my site.  All Google was telling me was that I had been infected with Malware.  While researching, I couldn’t even figure out what that was.  The term Malware is actually vague and can mean numerous things.

Second, I started to do a ton of research.  I needed sites that told me in plain English what was going on but even more importantly, how to fix it.  Google Webmaster Tools started me off on the right foot but I needed more.

I called upon my 14 year old son who has more of a clue that I do about coding and file types.  He was very helpful in finding the file that was inserted and deleted it.

He also advised me to have a crazy, I mean CRAZY password for my site.  Something like:

&GjN+dOG&45toBE!!:F

That crazy.  (No, that is not my password, I simply used the whole keyboard to make one up.)

Now, if you don’t live with or have access to the geek world I do, here are some great links and strategies that can help you not only protect your site, but your logins for your bank, email, important sites, house, car, business, and property.

Protect Your Site, Blog and any Online Activity

1. Don’t use “admin” or any default login. 

If you are like me and never changed it, you can go to: http://www.digitalkonline.com/blog/change-your-wordpress-admin-username/  and they will walk you through the steps.  You will notice now that all my old comments are generic, that will happen because my old login does not exist anymore.

Also, do not use the same words for your login as your author name.  It is too easy for hackers to figure out the connection between the two.

2. Backup your site completely and often. 

I back mine up about every month, but I am thinking maybe it needs to be done on a weekly basis.

Blogelina has a great tutorial on how to backup your whole site from your cPanel when you log in to your host site.

How to Backup Using your cPanel

3. Create a crazy password. 

Make it not only hard for a human to figure out but more importantly a computer.  Go beyond what the pros suggest.  Think about it, the pros suggest 8 characters, don’t you think the hackers are going to start with that pattern knowing millions of people have been told to do that?

Here is one link that helps you pick a great password.  There are many, simply search “create strong password” and you will find many helpful sites.

Creating a Strong Password

4. Have a Google Webmaster Tools account.

This is how I actually found out that I had Malware.  Google notified me that something was up.

https://www.google.com/webmasters/tools/

5. Be VERY picky about who comments and registers as a user of your site.

Spam commenters have created some havoc on my site in the past.  The link juice that I was giving them caused my site to lose rank with Google.  Basically, Google thought I was supporting crap sites and punished me.  After that I became more strict with spam comments. But, we can’t stop them all.

If a comment, person, link, or site just looks a little weird don’t allow it to come through as a comment.

I use GASP AND Akismet on my site.  I want to be sure I am covered.

6. Always check the reputation of a plugin.

How to Check the Reputation of a Plugin

You never know when a plugin will be carrying a bug, virus or cootie.

I did not cover everything.

I highly suggest you head to the following sites to find out more on protecting your site and property against theft and corruption.

How to Protect Yourself from Losing Your Data  Social Media Examiner

Great podcast I just listened to recently.  Michael Stelzner, the owner of SME, had his business location broken into. He lost his computer to theft but not his data or his mind because he took precautions to protect his stuff.

Keep Your Blog Secure  Blogelina

Very helpful and informative series on how to keep your blog safe.  She has very simple and comprehensive information I believe you should follow.

Please Tell Me That is IT

I know,  there are too many steps and things to do but I am pretty sure if you follow the advice and tactics I show you here it will be very hard for anyone to take advantage of your stuff.

And if something bad does happen you will be prepared to handle it.

Even more reading material…

(Just in case you are like me and need to make sure you covered all the nooks and crannies.)

http://andrewapeterson.com/2013/04/april-2013-some-news-concerning-malware-attacks-on-wordpress-sites/

http://mashable.com/2013/04/18/protect-wordpress-from-attack/

Have you taken precautions to protect what is yours?

The following two tabs change content below.
Allie owns and writes Ramblings of a WAHM. She has blogged and been online working her way up since 2010. She loves to help new WAHMs find their passions and then thrive online through blogging, email marketing and social media. Check out WAHM Posts or New Blogger Posts. And my WAHM newsletter. Thanks for coming by!

9 Responses to Protecting Your Mom Blog and Business from Attacks

  1. Lisa says:

    Allie, I have a Google webmaster tool for every site but didn’t realize they that would warn you too if you had malware. Great to know! I have to know more on who registers – something I didn’t pay uch attention to before. Very interesting. I do back up mine often since I almost lost it once. Thanks for sharing.
    Lisa created this awesome post: Tweeting During Extraordinary Events – A Yes or a No?My Profile

    • Allie says:

      Lisa,

      I didn’t know either until I tried to access one of my pages (which is deleted now) and Google told me there was malware associated with it. I was told to head to Webmaster tools to find out more. Under the “Health” section you can find many things there that Google will tell you about your site.

      Google will tell you (somewhat) how to fix it too.

      ~Allie

  2. Christine says:

    Thank you for the insight Allie.

    Any of us who spend any time at all on the web professionally I believe are even more so at risk. I’m a online marketer mostly working in SEO and Online Public Relations. Because of my work I often have to visit so many different areas on the web that I feel that I’m even more at risk. If you have any further suggestions I would be very interested in hearing about them.

    • Allie says:

      Christine,

      Yes, I once surfed the Internet so much my husband told me that my computer was the one that had the most possible viruses and Malware attacks. He stopped them with security software and he scanned my computer often.

      ~Allie

  3. Kathleen says:

    I feel your pain, Allie ! My blog was hacked last November and I ran the same gambit as you. It’s a very scary and frustrating thing to experience. I hired someone to attempt to clean it up – big failure !!! Fortunately, I had a version of my “old” blog to use while I figured things out. And I had enough techie ability to install it myself – but it still took about 3 weeks to get things back to normal.

    The two most important things I learned from my experience: back-up frequently and scan my computer every day.
    Kathleen created this awesome post: Is Your Customer Service Helping or Hindering Your Business ?My Profile

    • Allie says:

      Kathleen,

      That sounds like a horrible experience. I think all is fine with my site, Google has cleared it but now I am hypersensitive to checking more often, scanning for viruses and such more often and backing up my stuff more often.

      My husband was scanning my computer for me but I think I may take over and do it more often.

      Thanks for the story and tip.

      ~Allie
      Allie created this awesome post: Protecting Your Mom Blog and Business from AttacksMy Profile

  4. Annie André says:

    ooh Allie, I was hacked last year and it took me three days to get my site back up and running. I should have hired someone but I was to anal about it and did it myself. Blah. You are lucky your son is such a tech wizard.

    This past week i keep getting hit by bots and spiders (aggressive ones) scraping my site with hundreds of pings per minute which is overloading my server and making it crash. As soon as we block the IP, a new one hits my site. So I was looking at plugins to help throttle IP,s and choke them off if the exhibit unnatural amount of time on my site or ping backs within a certain time period.
    All these hackers really annoy me. If only they would channel their energy for good. Why even bother hacking a blog. It’s not like they are going to get access to money or state secrets.

    I jsut don’t get it.
    Annie André created this awesome post: Visit BlackPool: England’s Answer To Las VegasMy Profile

    • Allie says:

      Annie,

      I think I am fortunate to have my techie, geek son. LOL. He really helped me. It has been about a week and no problem, cross my fingers.

      My theory is that many of the hackers are the ones that create plugins and software that help you clean your site. They create a problem so you need to search them out to fix it. or they could just be trolls living in mom’s basement and have nothing better to do. Haha!

      I’m not sure if our problems are related but when I was researching this issue it seemed that the plugins that helped with throttling were not helping at all. Something about the bots being too quick for the plugin. I hope nothing happens to your site.

      On a positive note (sorta) I noticed entrpreneur.com and inc.com are getting the same Google warning my blog was giving out. So, even the big boys are having issues.

      ~Allie
      Allie created this awesome post: Defining Your Target Market for the WAHMMy Profile

  5. Tabitha Vos says:

    That is very scary Allie. I am so glad you were able to get in and fix everything before it took over your site.

    I need need need to do everything you suggested in this article. Thank you so much for all the links and tips you have provided here!
    Tabitha Vos created this awesome post: Cucumber Melon Jewelry Candle GiveawayMy Profile

Leave a reply

CommentLuv badge

RWAHM Facebook Community
Allie's Twitter
Allie Google Plus
Allie's Pinterest
WAHM Manifesto