I Think I Can… I Think I Can…

Search Amazon

Tag Archives for " Dreamhost "

Dude, You’ve Been Hacked!

Published November 17, 2014 - 2 Comments

No one ever wants to hear those words.  “You’ve been hacked!”  Sure enough, when I went to the blog, I was greeted by this:

HackedIt slowly scrolled up and told me how good my security was, but how they were far better.  Blah Blah Blah.  I figure that it’s just a group of script kiddies somewhere who don’t have a clue and are just getting their jollies from defacing some websites.  The real kicker here was that I went to check each of my websites, and they were all showing the same thing! 🙁  That’s one of the joys of shared web hosting.  When one is torched, it’s almost a sure thing that everything is gone.

I contacted my hosting provider Dreamhost and received instructions on how to get my websites back up and running.  Unfortunately there is no simple way to roll them back, so I had to go through each one and create new WordPress installations, copy the database and uploads from the hacked folder into the new one, and re-install my themes and plugins.  This started off as a  very slow process, but after the third or fourth time, I began to get the knack of it.  Let’s just say that I’m now pretty proficient in understanding which WordPress files are key to holding your data.

So how did these punks get in in the first place?  I don’t know.  The most likely scenario is that one of my WordPress plugins or themes had a vulnerability in it, allowing them access to all my sites.  Wordpress plugins get updated all the time, and it’s a big pain to keep them up to date – especially when you are running multiple sites.  Some of my sites are not actively used, so I rarely log into them.  That makes them especially vulnerable to hackers looking for access.

How do you manage multiple WordPress sites to keep your plugins or themes up to date?  There are some services out there that allow you to update everything from a single dashboard!  One of the free ones I found is WP-Remote.  Their website claims “Monitor and update all of your WordPress‐powered sites. 68,253 WordPress websites already do.”  I created a login and added a plugin to each of my blogs that I wanted to manage.  Voila!  This is what the WP-Remote dashboard looks like:

 

WPRemoteYou can see the list of WordPress sites on the left hand side, and easily determine whether they are up to date or require action.  Installing updates is as simple as clicking a single button on the right side to update all.  Within seconds everything is good to go!  This is a brilliant service, and saves me a ton of time!  I’ve made a habit of checking in with WP Remote in the morning and updating any files that require it.  Did I mention that it’s free?  They sell a premium version of their service that adds things like automated backups, but I’ve discovered that I don’t need to pay for those.  Why not?  Keep reading, and I’ll tell ya!

Updraft Plus is a fantastic (and free!) WordPress plugin that performs fully automated backups on whatever schedule you set, and saves them locally as well as on virtually any remote storage location.  They offer a premium plan that gives you more control over how those backups are performed, but I’m OK with the free version for now.

Free managing dashboard.  Free automated backups.  What a great deal, right?  Yup!  But there’s one area that I DID decide to splurge a little money on.  I’ve been a faithful Dropbox user for years, and I’d worked my way up to 14GB of free space, but it just wasn’t enough.  So with the money that I saved from the other two services, I upgraded my Dropbox to the Professional plan.  For $109/year I now have 1TB of space.  That’s more than enough for all my backup needs. Famous last words.

So while this hacking incident has cost me some time and money (lost Adsense revenue and increase purchasing) I’ve learned a great deal about WordPress installations, the critical files, bulk management, and now have a solid backup/restore plan in the event of a catastrophic failure in the future.  It was a difficult pill to swallow, but I think that the lessons learned far outweigh the loss.

Let’s hope that I never have to deal with this again. But if I do, I have the right tools in place to minimize any downtime.

What’s New?

Published June 3, 2014 - 3 Comments

So what’s new?  What’s going on?  What’s shakin’?  It’s been 6 months!  C’mon… gimme something!  How’s the family?  Kids?  Work?  Latest plan for total world domination?  There’s gotta be something going on that’s newsworthy!

Ummm….     maybe?

It’s actually hard to believe that I’ve been away from here for 6 months!  Granted, at the time that I packed up shop, I never thought I’d be back.  Maybe a post here or there, but even that was in doubt.  My blog was sitting on a server in Powweb, and I had long given up hope of moving it to Dreamhost, where my new blogs had been opened.  I’d already spent money to renew Powweb’s hosting for a year, and didn’t like the fact that I was paying for 2 hosting companies.  But everything that I’d tried to move the files from one host to another failed.  I even bought a program that was supposed to make it seamless and I still couldn’t get it to work.  I’d pretty much given up on it.

It wasn’t until my vacation last month that I started to get the “blogging bug” again and sat down to try to migrate the blog again.  This time there was an urgency… I had cancelled my Powweb membership months ago, and they were only holding my blog until my pre-paid year was up: some time in June.  So if I wasn’t able to move this blog, it was either start from scratch (maybe not a bad idea, I dunno) or give up on it altogether.

If you’re reading this, then you probably have a pretty good idea what the outcome was.  I found a great little WordPress plugin called Duplicator that actually lived up to its name!  And better yet… it’s free!  I’ll probably write a post about this plugin later, but for now, suffice it to say… you wouldn’t be reading anything on this blog without Duplicator!  (The migration wasn’t 100% seamless.  You may have noticed a lack of pictures.  None of the pictures from previous posts moved over, so anything you see now is something that I’ve had to put in manually, but that’s fine.  I was worried about the years of writing… not the pictures that I borrowed from the Internet)

So what about you?  What’s new in your life?