I just want to let everyone know that my old yarn business site was attacked, and 17,000 Days was taken out as collateral damage for about 24 hours. If you tried to come here and got nothing, that’s what was going on.
The good news is:
- The attackers deleted a lot of stuff, so I realized something had gone wrong and could do something about it
- I had taken backups less than two weeks ago, so almost nothing was lost
- I have some computer knowledge, so I was able to restore things myself when my hosting provider wasn’t much help
- I have now gotten around to installing software to do regular automatic backups of my sites
- I have eliminated the hole where the bad guys got in
I’m still going through everything with a fine-tooth comb to check for any other breaches, but it seems to be limited to the yarn stuff.
This was my first time for anything like this, and I felt so small and helpless! I knew I should be paying more attention to backups and stuff, but I thought my hosting provider had my back. Besides, I really never expected it to happen to me. If it wasn’t for WordPress versioning up recently and nagging me to back up and upgrade, I could have lost a lot.
So, I guess this is another “don’t do like I did!” post. You’re never too small to lose your stuff. If you don’t have regular automatic offsite backups of your data, get that set up now! Amazon S3 is a great place to put them–storage is super cheap (seriously, pennies a month) or free.
Meanwhile, a big thank you to Jen Gresham at Everyday Bright and Lindsey Donner at WellVersedCreative.com–their comfort and generous offers of help were what finally snapped me out of maximal freakout mode. (Telling myself freaking out doesn’t help and this wouldn’t matter in 100 years were not doing the job!) Be sure and check out Jen’s post on the Happiness Wars–it is totally awesome, and features my book!
P.S. I wish this was an April Fools’ joke, but it’s not! If you find anything that’s broken, please email me at cara [at] 17000 [dash] days [dot] com or tweet at me @cara_stein. Thanks for your help!
It seems a lot of sites are getting attacked. Someone has been launching several attacks against my site, all using Tor to hide their true IP address. Most have been brute-force attempts, but one was an SQL injection attempt. I’m sorry this happened to you, but you make a very good point: back up often! Limiting log-in attempts to 1 before lockout took care of the brute-force attacks, and so far being very strict with database structure has kept scripts from being inserted.
I think it’s good you brought this to people’s attention; perhaps it will prompt more people to really lock down their sites.
Thanks! I put a bunch of new stuff in place to try to improve security, but you can never get it 100%–just look at Wikileaks. It does make me nervous to be using other people’s code–the hole in Zen Cart that was used to attack my site was a really stupid one. But I don’t have time to rewrite everything myself, and the WordPress community seems to be a lot smarter about this sort of thing.
Anyway, definitely, it can’t be said too many times about frequent, off-site backups!