This blog was recently hacked by spammers who look for blogs with security holes they can exploit. Their M.O. is simple. They look for blogs that are not running the latest version of WordPress so they can hack in, delete all plugins, and leave spam comments with links back to their crap sites.
They’re looking to delete anti-spam plugins like Askimet but they don’t care what damage they cause so they just delete ALL the plugins. I use a a lot of plugins that operate in the background so once WordPress couldn’t find them it caused my site to go down with an Internal Sever Error (500).
My host was awesome and they had me back in action in no time. But this left me site a bit out of whack since all my plugins were toast. Here is a video look inside the mess these low-life spammers/hackers caused:
After watching that video you should see the importance of running the latest version of WordPress. They release many upgrades and some of those are to fix security holes that hackers use to cause their havoc.
As I said in the video, I hesitate to upgrade to the latest version of WordPress because I worry it will cause issues with my current theme or plugins. Although double checking your theme and plugin compatibility the danger of running an out-dated version of WordPress is more risky than the fear you the upgrade might cause comparability issues with your theme or plugins. I’ve learned that the hard way.
In this next video, I’ll show you how easy it’s up backup your current WordPress databases so you can upgrade without fear of breaking anything. It’s all done with just a click or two…
Aftermath
Luckily I backup my WordPress database often so recovering wasn’t as bad as it could have been. It took me about 90 minutes. I had the backup folder of all my “old” plugins the hacker scum deleted so it was a lot easier to re-upload and activate them. I just had to drag them from my plugin backup folder and drop them to my current plugin folder:
Luckily when I re-uploaded and activated my plugins all settings were there since I had backed up my plugin directory. I didn’t lose any data as I feared I would with the All-In-One-SEO plugin.
Take away to avoid this happening to you:
- Upgrade to the latest WordPress version ASAP
- BackupĀ your WordPress database often
- Check compatibility of your themes and plugins but you must upgrade (it’s easier to find a new theme than dealing with a hacked blog)
Alan, Excellent video messages. I’m sorry that happened to you but what a great lesson to share. I know that many people don’t realize that outdated versions of WordPress, plugins and even themes can make your blog vulnerable. Thanks for putting this info out there!
Hey Alan
Thank you so very much about the above information. Sorry about what happened to you but on the other hand I learned a lot from that occurance. Going to update my blog now. Once again thanks
Glenn
Hi Alan thanks for sharing this valuable post I have been getting a fair bit of spam lately but as luck has it I have the latest version of word press.
glad to see your sorted now ,
oh by the way i’m gonna tag you for your efforts.
don’t blame me its garry simpsons idea but its a load of fun
cheers mick
I thank you for sharing this video. I had been waiting to upgrade all my blogs until I saw the warning last week. I had two blogs to update, as I’d already taken care of it on one of them. WordPress had been updating every two weeks, but this one has passed that time period, so I figured it was time.
I’m sorry it happened to you in the first place, but hopefully some folks will watch this and learn.
Alan,
Great info… Personally, I always just upgraded wordpress whenever a new version was available.
Kind of wondered the reason or if I’d screw anything up.
But I guess they do the security patches for good reason.
Darn spammers,
Rob
This seems to have been happening a lot recently. Thank you for sharing your story of what happened and putting it out there for everyone to see. Security updates and backups are definitely important things that we all need to think about!
Yikes, Alan! Sorry to hear that happened to you.
Those SPAM comments are horrible! I mean, how good could their conversions possibly be with crap comments like that (as far as direct traffic is concerned, anyway)?!
Hi Alan,
It’s one thing to be hacked into and have you’re blog destroyed and it’s another thing to want to share it with us so that we do not become the next victims.
For that I am grateful. I will ensure that I upgrade immediately and that I regularly backup my folders.
Thanks for the heads up. Its really appreciated.
Andy
Hey Alan,
Thanks very much for the informative videos/post. I too have found-out the hard way how valuable backing-up can be. My situation was I had loaded a new theme and suddenly everything was blank!! Fortunately, my host was able to delete the offending theme and restored the default theme, using a backup from the previous week. So not so bad…
Keep up the good posts!
Thanks
Lee
Thanks for sharing Allen!
Hopefully this helps people to realize the importance of upgrades. Personal accounts always help people start taking action!