A few weeks ago my main website got hacked in a big way. Apparently, unbeknownst to me, my site was busy spamming the internet because it had been connected into a network of sites all directing links to various other sites, ultimately trying to either infect the poor soul on the royal goose chase with some sort of virus, or adding tracking cookies, or trying to sell merchandise to a person who doesn’t want it or need it and wouldn’t buy it from the spammy site if they were paid to. My rockin’ web host provider caught the problem, shut it down, and had removed and restored the site onto a new, clean install of WordPress before I even knew about the breach. All I have to say to the hackers is, 01100010 01100001 01110011 01110100 01100001 01110010 01100100 01110011!!!
I was already in the process of reorganizing my site as I will be writing under two different names — one for children and Middle Grade (LK Griffie), and the other for Young Adult (Liana Gardner) and through discussion with my agent, Italia Gandolfo, we felt it best to have the children’s and the YA segregated as they are very different types of books. I had also already contracted with a web designer to redesign my primary site, but first I had some clean up to do. Unfortunately, the spammy links got indexed and I’ve been working on cleaning up those indexes so they are not still accessible doing damage. At the same time, since I wasn’t sure whether the hackers got in through the theme or one of the many plugins I used on the site, I stripped everything out and left a one page site running two plugins … Security and the WordPress jetpack with most everything turned off.
One page with a graphic stating the site is under construction and I figured hackers would find it uninteresting (there really isn’t anything to mess up, there is no data left hanging out, not that it would be of interest to a hacker anyway). Yesterday I was proven wrong. I had hack attempts trying to login with the user ID admin from IP addresses all over the world every few seconds for over a 24-hour period. It was astounding to watch the live traffic as it hit, attempt after attempt all trying to access the site login. I got tired of blocking individual IP addresses and finally wound up blocking entire countries … I had to do something while the siege was going on. I couldn’t keep up.
I will ultimately relax the security on my site again, once the hackers decide that they aren’t going to get what they want with my site and they move on to the next one. But the experience underscored a few things for me:
- Creating an administrative user ID that is not admin or administrator for your website is essential.
- And once you have, removing the admin/administrator user is just as essential.
- As fussy and fiddly as they are, having the protection of a strong password can save your site from being completely hijacked. Something like: 9]t.F`fY}TT~NuNA Or like: :=9%2.LvqXA@~QZ* will keep hackers guessing … because it isn’t your dog’s name, or your mom’s, or best friend, or … you get the idea. Things that people can guess from knowing you.
So until the new site is completed … which should be any day now …
PS — for those who’d like to know … the binary code in the picture says, “get lost hackers”