(Reading time: 5 – 8 minutes)

Woops. I published this piece wondering what I forgot, and it was my introduction for this article’s author, Anne Bender. Since it’s pretty late, and (contrary to popular belief) I do sleep once in a while, I’m simply going to go with “Anne is really cool and you should hang out with her at Anne On Life.”

Hacked. I Feel So Violated, Again!

-by Anne Bender

No joke: twice in two weeks I’ve been hit with malicious code on my site. The first time I rebuilt, lost stuff, moved on, fixed what I could, breathed a sigh of relief. The second time I almost cried.

I was devastated to say the least. It’s like an invasion of my home or car or … ME! Been there, done that. I carry my keys in my hand or pocket, never in my purse. Lesson learned.

February 19, 1993

There are few things we remember so clearly. For me, these things would include:

The birth of each of my children. Oh, yes, I remember all three vividly.

Being told it was not my fault I can’t cook since my mother didn’t teach me my proper role as a woman. Uh, I can cook, hole surrounded by ass!

And the day in February some stranger put a gun to me, my grandmother and my grandfather. When I was 8 months pregnant, and my grandmother holding my daughter Megan. Good thing I was poor and all he really got was my sense of security.

Seventeen years later, I still carry my keys in my hand.

And then there’s this:

Now, imagine my surprise to find my dashboard looking like that strange anomaly above. I started thinking “Oh, crap! not again!”.

See, this is how it started. The first time was my fault. I did not upgrade WordPress to its latest version. Normally I do, but I had heard rumblings of it not working quite right so I just didn’t. Mistake number one. Then, I changed themes without reading the instructions thoroughly. (Hmm, sounds like every guy I know.) Mistakes number two and three, trust me here. I didn’t backup my blog properly. Did you know there is this database file stored on your host server that you should backup? I thought something must exist, but again, I didn’t read the instructions first. Mistake, mistake, mistake.

I fixed it… no?

Step one – update WordPress. Of course, I had to update WordPress from within my site, then over on my host. This fixed my wonky dashboard.

Step two – get infected by malicious code which messes up my feed. Huh?

Never, ever, ever delete your feed. Never! Don’t do it. Don’t think it. Mistake number, oh I lost count.

Everything gets rebuilt from the bottom up!

Operation Fix Blog, take two.

First, I exported my blog using WordPress’ export feature under tools. I also noted how my site looked, widgets used, plugins I would want to reinstall, etc. Then, I moved all of my files directly from my hosting site. I was going to download them onto my computer, but my FTP program didn’t want to cooperate. Instead, I created a folder called godhelpme [no joke] and moved everything to there.

Breathe in, breathe out

Second, I reinstalled WordPress through my host. New installation, new user name, new passwords, new everything. And I waited.

After WordPress was up and ready to go I logged into my account and adjusted my settings. Here you want to change your permalinks to match your old style, re-check threaded comments if used, add profile information. At this point I stayed with the default WordPress theme. No major changes until all my information was recovered.

Here is where I ran into my first real problem.

I proceeded to import my previously exported file into my new WordPress install. My advice here would be to do a basic import and not elect to import images and such. This worked better for me, although not without its hiccups. See, not all of my posts came back.

In fact, most of my posts did not come back.

My site has posts dating back to November 2008 and through May 2010. During my first restore WordPress imported to June 2009. I hit that import button a minimum of 50 times. In the end I lost about 20 posts and had to recreate them from my feed reader and export file. I have no explanation for this as all of my posts were in that file. It could be my internet connection, my hosting provider, or just a glitch. No one could really explain this. I asked.

Time to Spruce Things Up a Bit

After everything was as close to its original state I proceeded to install my preferred theme and reinstall my most used plugins. This took the most time. Never wanting to be like everyone else, I opted to use Headway instead of Thesis.

One thing to note if you decide to go with Headway is your WordPress files must be in the parent directory. Some of you may like to use a sub-directory such as /blog. This will not work. Something to think about.

Headway installed, check. Plugins installed, check. Spackle, paint, polish, check.

Where are my images? Since my blog was originally in a sub-directory I copied my image files back into a newly formed, same name sub-directory so my old posts could find their pretty little pictures.

Then, I recreated my feed that I deleted [learn from my mistake]. I lost every single subscriber and I only had 36. So sad for various reasons. But it worked. Everything was up and running. No wonky dashboard. No malicious code. Life is good.

Until it happened again…

I was this close to deleting the whole thing. But I didn’t. This time I restored my site to a time when there was no malicious code. And I created this massively long, strange, phenomenal password. So far so good. Yet, my keys are in my hand now. I don’t feel as secure as I once did. My site has been violated not once, but twice in about a week’s time. I’ve gone through the depths of hell and come out the other side.

I lived to tell the tale: Back up, export, be vigilant.

Save your blog and your sanity.

Anne Bender resides in rural Virginia with her husband, 3 kids, 1 dog, and various chickens. She has an equal fondness for numbers and words, and a love-hate relationship with technology. Anne plans to live near the ocean, writing fun stories and really bad poetry. Visit Anne at AnneOnLife.