They Hacked This Blog And How My Determination Fixed it

Hello there! If you are new here, you might want to subscribe to the RSS feed for quick updates on this blog.

Most of you probably know that this blog was hacked a couple of days ago. In fact, you can see in my archive page that there is a notice (until now) saying to just go directly to my posts instead of going to the homepage. Well, long story… (you may not want to read this because this is boring!)

The day started when I tried loggin in to my wordpress blog admin page. I was surprised to see that the my login wasn’t succesful so I retried it. But well still to no avail. I immediately pressed the forgot password and well my password was reset and I was able to login again. Being curious, I immedaitely visited my site and saw that I am hacked! Well, I was surprised at it that I wasn’t even able to take a screenshot of it (if everyone has, please give it to me ) I then panicked a bit mainly because obviously I know little with things like this and well its just that from my point of view I can do nothing by myself.

So I then turned to the busiest forum in the world, the digital point. I have made a thread there saying my site was hacked and I immediately got great responses. Some were saying that I should check for some shells, others are saying this and that and those. I also went through the teenager internet marketing forum, blog premiere. Many people have responded as well, but in a longer span of time. Jason pointed out saying that I should get the db from my host which is gator. Oh, yeah! I forgot I should have a conversation with my web host which should be done first and foremost. I immediately called them and talked (they were polite) and they say they would get back to me asap. The incident reminds me of the hacking of Carl Ocab’s site. When his site was hacked, what he did was to change host and update the nameservers and it became fine. The process is a little lengthy though.

I was busy all throughout the day. I then called Rajaie who could probably help me with this. he responded immediately (thats what friends are all about:-) ). He asked for my wp account and I immediately made one for him and made him an administrator. One clear thing is that I dont have a clear path of what to do. While waiting for him, I emailed Scocco of DBT, I tweeted Shoemoney, and the number of replies from dp kept on growing. I then revoked the admin privileges to Alkorani because I feel I should on a more clear direction.

Turned the PC off and think more. I had to be more focused and DETERMINED for it. The blog, well aside from having sold out ad spots, hundreds of readers, the main thing is that it’s a part of me. That’s why my name has on it. After 2 hours, turned the PC again, got reply from Scocco saying I should reinstall wordpress and load the backup. Problem is that my last backup was made way back June, wtf! I told him if there;s other solution? and he said none! I am a click away from removing wordpress and reinstalling it and loading an outdated backup but I said No! Then the great light came in and it seemed that in a blink of an eye I know the end of the tunnel is very close.

I, have searched on C99 shells and have found some of them on my public_html folder, then I also found suspicious files which I fearlessly deleted. Then still not fine~ oh shit! Then an idea popped out and well I changed my template back to the old and ugly Kubrick theme. I loaded it and to my surprise it loaded succesfully… Aha! The problem was on my template. Obviously, the site’s main page is the only one not functioning. What I did is look at the index.php and bingo! I have found out the culprit! I immediately restored the code back and it was back again. The rest was history…

What did I learn? Many things; always back up, never lose composure, trust yourself, and believe in your friends that you can do it, they add positive things. To all, thank you for the help, digital point, blog premiere, the bloggers I have contacted and everyone. A very great experience to me!

Popularity: 7% [?]

If you enjoyed this post, make sure you subscribe to my RSS feed!

The Big Challenge After a Blog Contest – The Dropoff...

Your Blog Can’t Survive This Year...

Blog Updates And Announcements...

About the author

Melvin has written 312 articles for MelvinBlog Dot Com

Melvin is an internet marketer and blogger. In 2008 he started this blog, MelvinBlog.com, to share all his learnings (and ramblings) from the internet marketing world and entrepreneurship in general. He occasionally hides under the gravatar of Kenny of South Park and blogs on his personal blog about his rants on life. To see his real self read more about him

25 Responses to "They Hacked This Blog And How My Determination Fixed it"

They Hacked This Blog And How My Determination Fixed it - Bloggeries Blog Forum 01:06 PM 29/8/2008

[...] going to the homepage. Well, long story
Rockstar Sid 01:39 PM 29/8/2008

Haha.. never say it was a great experience man.. I guess be active on twitter and people will help you a lot their too…

Good to know the site is back
Geoserv 02:05 PM 29/8/2008

Were you using the latest WordPress version at the time?

One thing for bloggers, they all come together in a crisis.

Melvin Reply:
August 29th, 2008 at 2:15 pm
No. Im very certain thats one part of the vulnerabilty of my blog that time.. Right now, wordpress is updated…
bbrian017 03:34 PM 29/8/2008

I left a comment for you on your latest blog article submission at blogengage regarding your blog being hacked! I noticed about 3 days ago I was being redirected to another web page. Glad to see you got things fixed and working!

This happens to the best of us and I’m sorry to hear they targeted you! Keep up the great work!

bbrian017

Melvin Reply:
August 30th, 2008 at 1:12 pm
Actually what you gave is the link about the pepperjam ref program and not about this one…
bbrian017 03:38 PM 29/8/2008

<!– /* Font Definitions */ @font-face {font-family:”Cambria Math”; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-charset:1; mso-generic-font-family:roman; mso-font-format:other; mso-font-pitch:variable; mso-font-signature:0 0 0 0 0 0;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:-1610611985 1073750139 0 0 159 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-unhide:no; mso-style-qformat:yes; mso-style-parent:”"; margin-top:0in; margin-right:0in; margin-bottom:10.0pt; margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:”Calibri”,”sans-serif”; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:Calibri; mso-fareast-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:”Times New Roman”; mso-bidi-theme-font:minor-bidi;} .MsoChpDefault {mso-style-type:export-only; mso-default-props:yes; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:Calibri; mso-fareast-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:”Times New Roman”; mso-bidi-theme-font:minor-bidi;} .MsoPapDefault {mso-style-type:export-only; margin-bottom:10.0pt; line-height:115%;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in; mso-header-margin:.5in; mso-footer-margin:.5in; mso-paper-source:0;} div.Section1 {page:Section1;} –>

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:”";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”Times New Roman”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}

Hey wait I was mistaken! I thought it was your article and it wasn’t, sorry about that! Seems many people are getting hacked these days! It’s not only blogs it’s all software scripts and sites! People thrive off doing it!

You can add this bit to the above post if you wish I just wanted to let you know I was mistaken but I’m also still sorry to hear you were targeted!

Melvin Reply:
August 29th, 2008 at 10:15 pm
whats this? hmmmm!
Saturday Updates and Links Love | DesmondBlog.com 04:07 PM 29/8/2008

[...] from MelvinBlog talks about his experiences when his blog got hacked. Sometimes, it’s more effective to learn from others [...]
Hugo Santos 05:12 PM 29/8/2008

melvin, i can’t even imagine how you felt when you found that… you survived this and you learned something. Next time (hope there won’t be a next)you will be better prepared.

No one is safe nowadays… :\
Lucas 12:10 AM 30/8/2008

I’m glad you’ve managed to fix the problem. Some other people just give up and cry lol.
Desmond - DesmondBlog.com 04:43 PM 30/8/2008

So, it’s because of your theme?

Hm..
WebTrafficROI 03:31 AM 31/8/2008

Its a depressing feeling to see your blog being hacked…i am happy you managed to restore it.
Nathaniel 03:19 AM 01/9/2008

I am sorry this happened, surprisingly I like to read about it, I wondered what happened a few days ago. I wish you knew who the guy was, or at least had a screenshot of it.
Static 07:47 AM 01/9/2008

Hmm… a theme problem? If so, try using the theme authenticity checker for your themes.
Static 07:47 AM 01/9/2008

I forgot to mention, congrats on getting your blog back!
Enkay Blog 02:10 PM 01/9/2008

I remember when I had my blog hacked. It was like the longest day of my life. I know that when I look back I’m glad that it put a scare in me because now I know better but I’m glad you have people like Rajaie to help you out so thats good man. Glad to see you back.
Keyword Anchor Do-Follow Blog 09:28 PM 01/9/2008

Wow, that really sucks, and my worst fear, I change my password like 3 times a month, congrats on the recovery!
JR
Ganesh 02:37 AM 03/9/2008

I hope everything is fine now. Why don’t you change the theme? A new theme is sure to spark some interest in the visitors.

I learned one lesson from this post – always have backups of your blog.
stratosg 02:17 PM 05/9/2008

congrats on facing it successfuly… one more thing i’d like to add… always have your software (wordpress and plugins) updated to the latest version. and if you want to be a bit paranoid check out secunia.com before installing anything
Hacker Forums 08:19 PM 07/10/2008

Most all blog hacks are from people not upgrading their blog software.

If you don’t make a ton of changes, just backup your template one time, then create or download a script to email you a database dumb every couple days.

Hacker Forums
Do You Value Your Computer's Security? | The Melvin Blog 12:14 AM 26/10/2008

[...] the lesson I learned here is to always value your computer’s security. Most of you know that my blog was hacked and I had to tighten up my security measures to make sure those things will not happen again. Wth [...]
videoonlinego 11:47 PM 17/11/2008

It is not out-of-date information? Because I have other data on this theme. http://video-online-go.ru/map.html
Daniel Brauer 11:47 PM 13/2/2009

A SUPPORTED BY THE DEVELOPER TOOLS? It was interesting. You seem very knowledgeable in ypour field.
Daniel Scocco 09:25 PM 05/2/2011

I didn’t get your email man. Else I would have tried to help.

Glad you solved it.
Daniel Scocco´s last [type] ..What Is Considered Link Exchange- And Can It Harm My Site