Help, I Was Hacked!

I have been a bit quiet over the last week because this website got hacked and I’ve been spending the time researching and trying to fix the issue.

Thankfully, it’s all better now but man, what an ordeal.

In my research I read that having your website hacked triggers the same feelings as if your house was broken into.

This is something I can certainly attest to.

Just the knowledge that someone got into Corey Stewart Online and decided to muck things around a bit made me feel sick in the stomach however, getting hacked seems to be “just one of those things” that you have to deal with if you have an online presence.

I use WordPress and I’m very diligent in my version and security updates but it doesn’t seem to be enough. The hacking problem doesn’t seem to be a WordPress-centric issue because sites that run other content management systems (CMS) such as Drupal or Joomla are being hit as well.

The hack I was hit with was called an “eval base64_decode” hack which essentially puts malicious code into most of the php code of my website. The end result being that when you went to Corey Stewart Online it was then redirecting to another site.

To get rid of it I had to go through every PHP file manually and delete the malicious code or in some cases, delete whole files that were placed there by the hack in the first place.

That was about two whole days right there. What a pain in the arse!

I suppose the lessons that I learnt from this whole experience have been twofold.

First of all, I’m going to be even more mindful of my internet security and not get complacent just because I run a Mac and secondly, I’m able to roll my sleeves up and get my hands dirty with php code and fix a problem all by myself.

I do feel good about that.

I’ve also been able to get a good snapshot of the relationships between the domain names that I own and the websites that I run and realise that I could’ve tightened up my security there as well. That has also been rectified and I feel most relieved.

All in all it has been another action-packed week here at Corey Stewart Online. Just wondering when the fun starts.

Peace,

Corey :)