Cleaning up after a break in.

ok, not really.

Ever wander out to your car, which had been left sitting in a presumably safe parking spot to find a window broken? That moment of gut-wrenching shock as you recognize the violation on your personal space and property? Well, I had that happen to me this morning, except it wasn’t my car, or my house… it was this website.

Last night between 11:10 and 11:18 somebody hacked my site. They used some flaw in PHP, or even WordPress itself to change permissions on some of my files and create a WP admin account for themselves. Thankfully that is about as far as they got before they were locked out by our server software. The lock-out is total though, which is why the site was down from that time until this morning when I woke up and was able to start putting it back together again with some help from two good friends of mine, WRD and Nick. Bill helped me figure out what had happened (he also built the system that detected the intrusion and shut down the site) and start me on the path to fixing it. Nick provided me with a little insight into mySQL-fu when Bill was away at lunch. (Thanks again Nick! I owe you another sushi dinner!)

It took me a while, but I was able to root out the compromised accounts, get the site running again (re-uploading a lot of stuff from backups, which was easier than trying to find what was broken and fix it!) and then take some steps to tighten up security on the administration side of WordPress. I locked everyone, including MYSELF out of the admin section all day until I was confident I had locked down access to it. Once I confirmed that my security mechanism was in place I let myself back in…

So that is why there was no CPotD posted today. Or anything else for that matter. I was cleaning up the broken glass and ripped up dashboard of chuck.goolsbee.org.

4 thoughts on “Cleaning up after a break in.”

  1. Good to see you back and the website is alive again.
    We live in a world where some strange people have nothing else to
    do than disturb others…
    Keep ut the great work !

  2. and ‘they’ broke into my car for real the sods only the other day! broken rear door window and a little other damage and stuff stolen…

    good you have the expert help there Chuck to make sure it is not going to happen again…

    Jerome

  3. Were you running the latest version of WP? (If you haven’t installed it, the plugin “wordpress automatic upgrade” take the pain out of the process.)

Comments are closed.