Cough, Cough, Hack, Hack

No, I don’t have swine flu. Not even a cold. My computer’s been sick, however. More specifically, this blog. And it’s all my fault (I know, hard to believe). I got hacked!

Several weeks ago, I decided to edit my blog’s style sheet to make the blog titles smaller. For some reason, I can’t edit the style sheet from within the WordPress dashboard. It always says it’s not writable or something. I don’t know if this is because I installed the blog using Fantastico, or if it’s an idiosyncrasy of my website host. I have edited the style sheet previous to The Debacle. Successfully. However, this time, I missed a velly important step.

If you need to download your style sheet using a program like FileZilla (which is what I use – recommend it!), you need to change the permissions on your host. What are permissions, you ask? They’re a series of three numbers that essentially tells your host WHO (or, in the case of robots, WHAT) has access to your files. Who can tangle with them, so to speak. Who can screw them up. In other words, by changing the permissions so you can edit the file, you’re leaving yourself open to a security breach.

So…an intelligent person would change the permissions only as long as needed to edit the file and re-upload it. Then the intelligent person would change the permissions back to their previous state AS QUICKLY AS POSSIBLE.
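The check described above, as an added example that is not part of the original post: a small shell script that lists everything under a site folder that group or other users can write to, then resets it. The folder layout and the 755/644 target modes are assumptions (the post does not give its original permission values), and `-perm /022` requires GNU find.

```sh
#!/bin/sh
# Added example: find files left writable after an edit, then lock them down.
# Target modes (755 for directories, 644 for files) are assumed defaults.

# List files and directories under $1 that group or others can write to.
audit_writable() {
    find "$1" \( -type f -o -type d \) -perm /022 -print
}

# Reset the whole tree: directories 755, regular files 644.
lock_down() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Print a path's octal mode (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Constructed demo: a throwaway theme folder with a style sheet that was
# opened up for editing and never closed again.
demo() {
    site=$(mktemp -d)
    css="$site/wp-content/themes/mytheme/style.css"
    mkdir -p "$site/wp-content/themes/mytheme"
    echo 'h1 { font-size: 1.2em; }' > "$css"
    chmod 666 "$css"                      # writable by everyone
    chmod 777 "$site/wp-content/themes"   # anyone can add a theme here

    echo "Writable by group/other before:"
    audit_writable "$site"

    lock_down "$site"
    echo "Entries still writable after: $(audit_writable "$site" | wc -l)"
    echo "style.css mode is now: $(mode_of "$css")"
    rm -rf "$site"
}

demo
```

Running `audit_writable` against the real site folder after every edit session shows at a glance whether anything was left open; a world-writable theme directory is what lets an extra theme folder appear without the owner uploading it.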

Now, I’m not saying I lack intelligence (although it could be argued…). However, several weeks ago, due to brain drain or too-much-to-do-itis, or what-have-you, when I uploaded my edited style sheet, I forgot to change the permissions back to their original state.

It took a while for the hacking robots to find me (maybe it was a human, but I think it was a robot). Around the middle of October my domain emails suddenly stopped forwarding to my private email address, because my Internet Service Provider had blocked my domain addresses. This has happened before, and my host’s support staff usually gets it fixed within a couple of days. But this time it wasn’t fixing. I couldn’t figure out why.

Then, about ten days ago, I checked my domain webmail and discovered several emails from Google informing me that my website appeared to be a forgery of a U.S. banking institution and was trying to get browsers to input financial information. Everything looked okay on the site. I couldn’t see this forgery page, so what the heck was up?

I contacted the web designer who coded my blog for me when I couldn’t do it myself. She reminded me of the permissions angle. Yikes! This is when I discovered my own stupidity. I went into my blog files on my web host and did some sleuthing. I discovered a WordPress theme on my server that I could not see from within the WordPress dashboard. I asked my web contact about it, and she determined that it was the phishing page. She removed it and quarantined it, and just the other day I contacted Google to let them know all was fixed, so could they please remove the phishing notice some browsers get when they try to visit my blog?

I have no idea how long it will take to get the notice taken down. Whether you see the notice or not when you visit my blog seems to depend on your operating system (Windows or Mac) and your virus protection program. If you can read this post, then you’re not having an issue! However, some Mac users are getting 404 errors (page not found) when they try to visit my blog. Windows users of Trend Micro are getting warnings not to visit my blog and/or my site. Users of AVG and Norton’s don’t seem to have a problem visiting the blog. I’ve had one report from a McAfee user who does have a problem, and AOL users might have problems.

At this point, there’s nothing else I can do but wait for Google to take down the phishing notice. Meanwhile, I personally contacted my ISP and explained what I think happened to lead to them blocking my domain emails. Unfortunately, because of the hacking, the problem was too entrenched to get fixed over a tech phone call. They told me to contact my web host again and ask the host to get in touch with them. I did that, but, again, it’s a waiting game.

So let this be a lesson to you! If you do your own blog tweaking, for Pete’s sake, return the permissions to their original state as soon as possible afterward. Don’t take after Cindy, no matter how great the urge!

By Cindy

I'm irritated because my posts won't publish.

4 comments

  1. Hi Cindy – wow, some people (or robots *g*) definitely have too much time on their hands!!! Hope it all gets sorted soon. FWIW, AVG obviously protected my Firefox, cause I’ve been able to see your REAL blog all along 🙂

    Oh, and thanks for tweeting me b-day wishes!!
