Hacked: update
After much wrangling with servers and ftp last night, Starwalker is up and running, at least on the surface. It’s not completely healed, however.
The WordPress user database was trashed, and I can’t log in to the back end right now. It’s going to take some more work before I can actually get control of the site again.
The best part is, I can’t even comment on my own blog to tell anyone what’s going on. I always did put comments up when I was logged in and comments are locked unless I approve the commenter. The login is gone andΒ I can’t approve my own comment, so I can’t update anything on there. Security ftw!
So I’m going to be heading home early today to try to sort it all out, and get the damned thing up and running again. In the meantime, I’m going to keep ploughing on at work and hope that the hackers don’t wake up and undo everything I fixed last night.
Wish me luck and coffee!
mjkj says:
*comforts and hugs*
*hands over pile of chocolate*
*hands over big pile of Tim Tams*
*hands over some coffee*
*tries to cheer Melanie up*
π
July 22nd, 2011 at 6:23 pm
Mel says:
*is full of chocolatey goodness and very cheered!* π
July 22nd, 2011 at 10:25 pm
mjkj says:
Good π
July 23rd, 2011 at 2:59 am
Jes says:
Sorry you had to go through that. It sucks. π
FWIW, you might want to consider using SFTP (secure FTP, namely FTP through an SSH2 tunnel), as it would no longer pass your username and password in clear text.
I definitely advise frequent and regular offline (off-site) backups of all the relevant elements of your site (website directories, includes, databases, etc.)
Glad you’re back.
July 24th, 2011 at 2:17 am
Mel says:
Thanks, Jes!
I am looking into more secure options. I almost never use FTP, but I’ll check into SFTP anyway. The more I do backups, the more I’ll need it!
I’ve got a WordPress plugin that does regular backups for me, and I’m going to see what I can automate on the server as well.
Getting there!
July 25th, 2011 at 8:56 am