Hacked
To say that I have not had the best day today would be an understatement. After a frustrating and stressful start to my day at work, heavily laced with exhaustion and not-quite-strong-enough coffee, I got a message from one of my lovely Starwalker readers. I also got one from another reader when I got home.
Now, let me be clear. I love to get messages from my readers. It makes me a happy little writer… usually. When they are telling me that my website has been hacked, however, that is less fun.
I went to the Stawalker site feeling slightly ill and it was downhill from there. It was definitely hacked, showing a splashpage definitely nothing to do with me. I won’t say who did it or give you one of their sick little ‘look at all the sites we’ve defaced! Aren’t we cool!’ links, because the little fuckers shouldn’t have any more publicity than they’ve already had from me.
It’s not funny and it’s not clever. It’s malicious, it serves no purpose except to fuck up my day, and I hope they’re happy with themselves. Or go die in a fire; one of those.
The worst part was that I couldn’t do anything about it while I was at work. I couldn’t get into the back end of the WordPress installation at all (it didn’t exist, just their damned splashscreen) and the rest I can only access at home. There was no way for me to know how bad the damage was – had they completely wiped out the WordPress installation? Screwed over the database? Hacked a year and half’s worth of work to pieces, or just pasted on an annoying front end?
I had to wait until I could get home to investigate, and today was one of those days where I couldn’t leave early. So I was stressed out all afternoon, not knowing just how much of it is wrecked.
I got home to good and bad news. The WordPress installation was still there, just majorly hacked and disabled. I’m currently going through the painful process of re-uploading all the files to resurrect it properly. All the config is intact, and, blessedly, the database is fine. Everything seems to be there; I just have to dig it out. It’s painstaking but coming along.
The type of damage done doesn’t seem to be a WordPress hack, but a hack on the ftp account to my server. Which is worrying, considering that I haven’t used it in weeks, and don’t store those details in any browser histories. My web hosts seem sure that the leak came from my side but I am dubious; it sounds like ass-covering to me.
Grah. So now I’m spending my evening fighting with ftp to get the site up and running again. I’m partway there; with luck, I’ll get it finished in the next hour or so. Then I’ll be backing everything up (I don’t do this enough, I know, I know).
I’ll be doing some more security upgrades over the next little while. Fingers crossed, this shit won’t happen again. I certainly don’t need another day like today. I don’t think anyone does!
For my readers: thank you for your patience. I will hopefully get this week’s post up tomorrow night.
Hackers: I have nothing to say to you. Begone.
mjkj says:
*comforts*
July 22nd, 2011 at 6:18 pm