My Blog Was Hacked (I Think) - The Story

Part of having a website online - especially a popular one - is that, well, shit happens. And it can become a target for hackers. I am not sure if what happened to PCMECH was a result of intentional hacking or something else. Nonetheless, PCMECH was down for close to 16 hours.

The only reason it was down so long is that I was away from the office and in an area in Central Florida where I had no cell phone coverage. I can get online here; however, I didn’t check my email until this morning at around 8 AM. It looks like PCMECH died around 4:30 PM yesterday.

Oh, and yes, waking up to find out first thing that the entire world is beating down your door because your website is offline isn’t much fun. If that doesn’t wake you up, nothing will. :) I had emails. I had tweets. I had it all. Everybody was asking what was happening, yet there I was up in Central Florida enjoying myself with no idea what was happening.

[Photo: My perfect Saturday morning. Using the MacBook to restore PCMECH.]

[Photo: Showing my Dad what I’m doing. Why I’m smiling? I have no idea.]

Still not exactly sure what transpired, but I’ll get to the bottom of it. For one reason or another, the main site database got corrupted. WordPress, because it could not detect the data properly, was defaulting to the installation script (which was still on the server). The public was then seeing the WordPress installation script rather than the regular website. And, yes, people WERE running the install script on the database which was, of course, making a huge mess. So, I immediately started a database restore and had my web host delve into the server logs. My host (Pair Networks) did a fantastic job at springing to action early on a Saturday morning. Took a couple hours of back-and-forth, but we got PCMECH back online with minimal data loss. Had to do a database restore and a bunch of repairing of tables.

What I’m about to impart is so obvious here that I slap myself for not doing it earlier. Install a self-hosted WordPress? Don’t be a jackass. Delete the install.php and the upgrade.php files. Despite whatever may have set off this chain of events, the damage would have been less severe had those files not been public and web accessible.

Yeah, even people who’ve been doing this for a while make dumbass mistakes sometimes.
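A log check for the scenario described above, as an added example that is not from the original post or from Pair Networks: it scans Combined Log Format access-log lines for requests where install.php or upgrade.php was actually served, and lists the clients that submitted the installer. The wp-admin/ location is where WordPress ships these scripts; the log lines, IP addresses, dates and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
# WordPress keeps both setup scripts under wp-admin/; allow any install prefix.
SETUP_RE = re.compile(r'/wp-admin/(install|upgrade)\.php(?:\?|$)')

# Constructed sample lines (documentation IP ranges), not the PCMECH logs.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2000:16:31:02 -0500] "GET / HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2000:16:31:03 -0500] "GET /wp-admin/install.php HTTP/1.1" 200 2841 "-" "Mozilla/5.0"
203.0.113.20 - - [01/Jan/2000:17:02:11 -0500] "GET /wp-admin/install.php HTTP/1.1" 200 2841 "-" "Mozilla/5.0"
203.0.113.20 - - [01/Jan/2000:17:02:40 -0500] "POST /wp-admin/install.php?step=2 HTTP/1.1" 200 3120 "-" "Mozilla/5.0"
192.0.2.44 - - [02/Jan/2000:09:15:00 -0500] "GET /wp-admin/upgrade.php HTTP/1.1" 404 209 "-" "Mozilla/5.0"
this line is truncated or malformed
"""

def find_setup_hits(lines):
    """Return {ip: [(time, method, script, status), ...]} for served setup scripts."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        s = SETUP_RE.search(m["path"])
        # Only a 2xx response means the script was really served to that client;
        # a 404 is what you want to see once the files are deleted.
        if s and m["status"].startswith("2"):
            hits[m["ip"]].append(
                (m["time"], m["method"], s.group(1), int(m["status"])))
    return dict(hits)

def submitted_installer(hits):
    """IPs that POSTed to install.php, i.e. submitted the setup form."""
    return sorted(
        ip for ip, rows in hits.items()
        if any(method == "POST" and script == "install"
               for _, method, script, _ in rows))

if __name__ == "__main__":
    hits = find_setup_hits(SAMPLE_LOG.splitlines())
    for ip, rows in hits.items():
        for when, method, script, status in rows:
            print(f"{ip} {when} {method} {script}.php -> {status}")
    print("submitted the installer:", submitted_installer(hits))
```

The timestamps of the POST hits give a window to compare against the backup you restore from.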
