Inside Look A Hacked WordPress Blog [Video]
This blog was recently hacked by spammers who look for blogs with security holes they can exploit. Their M.O. is simple. They look for blogs that are not running the latest version of WordPress so they can hack in, delete all plugins, and leave spam comments with links back to their crap sites.
They’re looking to delete anti-spam plugins like Askimet but they don’t care what damage they cause so they just delete ALL the plugins. I use a a lot of plugins that operate in the background so once WordPress couldn’t find them it caused my site to go down with an Internal Sever Error (500).
My host was awesome and they had me back in action in no time. But this left me site a bit out of whack since all my plugins were toast. Here is a video look inside the mess these low-life spammers/hackers caused:
After watching that video you should see the importance of running the latest version of WordPress. They release many upgrades and some of those are to fix security holes that hackers use to cause their havoc.
As I said in the video, I hesitate to upgrade to the latest version of WordPress because I worry it will cause issues with my current theme or plugins. Although double checking your theme and plugin compatibility the danger of running an out-dated version of WordPress is more risky than the fear you the upgrade might cause comparability issues with your theme or plugins. I’ve learned that the hard way.
In this next video, I’ll show you how easy it’s up backup your current WordPress databases so you can upgrade without fear of breaking anything. It’s all done with just a click or two…
Luckily I backup my WordPress database often so recovering wasn’t as bad as it could have been. It took me about 90 minutes. I had the backup folder of all my “old” plugins the hacker scum deleted so it was a lot easier to re-upload and activate them. I just had to drag them from my plugin backup folder and drop them to my current plugin folder:
Luckily when I re-uploaded and activated my plugins all settings were there since I had backed up my plugin directory. I didn’t lose any data as I feared I would with the All-In-One-SEO plugin.
Take away to avoid this happening to you:
- Upgrade to the latest WordPress version ASAP
- Backup your WordPress database often
- Check compatibility of your themes and plugins but you must upgrade (it’s easier to find a new theme than dealing with a hacked blog)