Of course some of you may know this. The person that hacked in certainly does!
So how was this done?
Well initially there was a brute force attack on my cpanel – my web hosting company UK Web Solutions Direct should now have plugged that particular loophole. But it didn’t end there, my entire site was wiped, along with all my cpanel settings – which meant I lost email for a while as well. I did reset things up, but they’d been clever and left things in place which I didn’t have the chance to find before they wiped things again!
So my account had to be reset.
But then my copy of WordPress was targeted – but no vulnerabilities exist in WordPress. Somehow they had access to my database. In theory that has now been blocked – at least I hope so.
Why was it done
Still no idea, obviously the person that did it isn’t saying – feel free to leave a comment if you’re the person that hacked my site by the way and explain.
Have you traced them?
yes – at least as far as I can. I am tempted to publish my findings, but won’t at this time.
Reported to the Police?
oh yes.
Did you get any help?
Yes most certainly, and from surprising quarters.
UKWSD were as much help as they could be. The attackers ISP has yet to respond, but I have spoken to their email provider. But a big thank you must go to Ditlev Bredahl of UK2.net who has certainly earned some bonus points for his help. Plus Donncha of Holy Shmoly and the WordPress support team (well ok I only actually exchanged emails with Donncha).
Not forgetting a few others I have spoken to who helped with advice and support.
Is your site now safe?
Well probably not, but I have various monitors in place to alert me if anything does happen again. For obvious reasons I won’t be saying what exactly… I’ve tightened security a little bit and tweaked some settings which should make it as secure as it can be, or at least as safe as any other site out there. Only time will tell sadly.
Now back to business as usual!