Monthly Archives: December 2014

Newburyport WordPress Blog Hacked and What I Learned

 

code-hacked

It was Christmas Eve, and I was looking at The Newburyport Blog on a friend’s mobile phone, when yes, “Oh dear,” the blog had been hacked!

It was subtle, a spammy link to a “payday loan” right underneath the top menu.  Looking back at Google caches of the website, “payday loan” links were looking downright classy compared to some of the other kinds of links that had been formerly left behind in that one particular spot.

In 8 years, this was the first time (I now consider myself lucky) The Newburyport Blog had been hacked.

So to my fellow WordPress bloggers in the Newburyport area and beyond, this is what I learned.

1) After initially installing the WordPress blog, I think I updated WordPress maybe once in 8 years. Not so good of me. For my fellow bloggers, yes, we know about those pesky notices at the top, that show up when logging-in, urging us to “update” our blog, that seem to arrive at a ridiculously regular basis. It never occurred to me that those were “security” updates, I just thought that it was “lovers of computer code” showing off. How very, very wrong of me, and I will now religiously update WordPress.

2) There is something called “plug-ins” that perform all sorts of nifty tasks behind the scene. Who knew that those plug-ins need to be updated on a regular basis, not moi.  A place, apparently, for pesky, nasty code, to be placed in hiding, that triggers noxious actions from unseemly folks.

3) Another place that hackers apparently leave polluted notes to make one’s blog do all kinds of unpleasant things, is in the “themes” — those are “things” that create the way different blogs look. They may look “pretty” but underneath all that prettiness, they are all code (an example of what WordPress code looks like is in the image in this post). And, yes, that is where I found at least one place where my harmful hackers had left there corrupting “notes.”

And when WordPress is updated, themes can be updated, and the new “updated” themes, at least, momentarily wash away unwanted coded nastiness.

4) And locking the doors. Changing the password (which seemed pretty sturdy), to see if it would prevent hackers from picking the locks to The Newburyport Blog one more time.

When I updated the blog, updated the plug-ins, updated the themes, and removed all previous themes, miraculously, and to my relief, the spammy link disappeared.

I have no idea if it will return. It has been 3 days and nothing yet, so here’s hoping. But if any of the faithful readers of The Newburyport Blog see any “unsavory” links, or weird blog behavior, would you please let me know. And I will see if I can go back and do some more sleuthing into the compelling world of computer code.