My website was hacked!
SOOOOOO, I was just looking at my profile here at WA, and saw that I had gotten a feedback comment on my retiredneedingmoremoney.com site, and thought "OK great - maybe the ban on getting more feedback or comments on my site has been lifted..."
And when I read the first sentence of the person's feedback, and she said:
"The first post on your page says HaCKeD BY........ "
And THEN the nice person said, "AND when you have an article ABOUT CIALIS...."
I said to myself "WHAT??????? Cialis article on MY RETIREMENT SITE????WHAT????"
So THEN I went to the dashboard within WA for my retirement site, AND THERE IT WAS - YOU HAVE BEEN HACKED JUST FOR FUN!!!
And THEN an article about CIALIS!!!!!!! And again I say --- WHAT????????
I immediately TRASHED both posts, and am NOW posting this post about HACKING!!!
So has THIS happened to anyone ELSE at WA????
Recent Comments
12
Hackers are a fact of life. They are usually malicious, bored and extremely talented computer-literate kids who eventually find their way into a lot of our back doors. Before joining WA, I had a site hacked. They completely deleted my online forum among other things. Very frustrating. You just have to keep going. Don't let it keep you down.
Thanks Amanda, a few members have mentioned that they have been hacked. Fingers crossed that it does not happen to me.
It was weird seeing an extremely disturbing picture on my website of a teenager with tongues hanging out of the middle his / her hands, talking about CIALIS...... on my website about RETIREMENT??? So THEN I saw that a smart aleck person but in the top post 'YOU HAVE BEEN HACKED'....... Luckily someone here at WA looked at my site, gave me some FEEDBACK about my site talking about CIALIS and the phrase "YOU HAVE BEEN HACKED"!!! So THANKS MIRANDA.....
See more comments
Hey Amanda,
At the end of January, WordPress released an emergency security update for all WordPress sites running version 4.7.1 (which your site was). This gave hackers the ability to exploit any sites that were not upgraded to version 4.7.2. The second we were aware of this, we immediately and issued a security update to update all sites across the network that were running WordPress 4.7.1. Your website should now be running SECURE software.
When WordPress, a theme, or a plugin release code with security issues, it's impossible for us to KNOW until we learn that a site has been affected and we patch the issue. There is no security issue at WA at all, quite the contrary - you are EXTREMELY safe on our network and we proactively got this patched up very quickly. On top of patching this hole at the SOFTWARE level (WordPress), we took extra measures to also block this at the hardware (Server) level across our entire network so this cannot even happen in the future. This was a situation where WordPress released buggy and insecure code that created a security issue - totally out of our control to protect against until learning of this from WordPress.
The fix is to simply revert your post to a previous revision before this "hack" was implemented.
It's important to always update your plugins, themes, and core WordPress versions when there are updates as they are usually released to offer security fixes and performance improvements.
If you have an questions about this, please let me know.
Carson
To answer your question, the extent of this hack on our WA hosting network was extremely low, literally just a handful of sites were affected and we've seen a few posts about this at WA - so few sites were affected that we didn't post about this as it wasn't relevant to most folks. We updated all WordPress sites first and foremost that were vulnerable, and we're nearly complete restoring any content that was changed.
This is no longer an issue.
Thanks for being at the ready on this Carson. It appears you are the front man for site support!
Thanks Carson for getting back to me personally!! I do try to update my plugins when I see the little red number beside "plugins" on my dashboard of my sites, and I will DEFINITELY keep a look out for plugin update AND hackers on my site!!
What I did was just delete or trash both articles that were on my site, and hopefully that is enough..... is it ok to have done that? That is my question now...... thanks for PERSONALLY getting back to me!!
Yes, If these were new posts created on your site them all you need to do is trash them!
Ok great thanks for your help PERSONALLY!!
Wow, thanks Carson for updating all of us on this. I really got concerned when I started reading blogs here about people's websites being hacked. It's good to know that it was relatively rare that a fix has already been implemented. This just reiterates why I'm glad to be here at WA.