What to do When Your Blog Gets Hacked
September 2, 2010My blog was recently hacked – not the most fun experience to say the least. Still not 100% sure how it happened, all I know is that here were the steps I took to secure everything.
- I immediately changed all of my passwords. FTP, login, database user passwords, hosting password, the works. Sure, it could have been any of these, but there’s no reason to immediately change all of them. Of course, you should also be updating them regularly, like any password you use.
- Remove all files on/reformat your server. This should be ok, because it’s all source-controlled. Right? Right! You have no idea what additional files have been added or which files have been changed, so be heavy-handed.
- Replace the files that you removed with all clean copies checked straight from whichever version control client you use.
All in all, it’s relatively simple, though stressful when it happens. I am not a full-on security expert, so full security and preventing an attack is another matter all to itself. My version is, by far, the simpler one, though highly effective in my case. After the initial issue, I have no experienced or seen another problem on the site (and I’m happier about that than I can really explain!).