How to keep your blog from getting hacked:
- Make sure that the blog Theme you use is updated by its creators regularly. Hackers gonna hack. And I learned that hackers love to infiltrate vulnerable WordPress themes.
- Change your blog’s password at least monthly and make it really weird. Use symbols, lots of symbols.
- Do not let Google Chrome store your password (or any other personal information). It isn’t secure.
- Choose a hosting company that constantly updates its systems and security to keep ahead of potential new hacks.
- Run virus checks regularly, or arrange (for a fee) to have your hosting company do it for you.
- Check your bank account for activity daily.
- Check your PayPal account for unauthorized activity.
This is a small blog. Not famous. Not particularly “important.” But it is my blog. Yet someone took it as their own. He hacked into my “back office” and used my hosting account. My bandwidth. My everything. The hacker was comfortable enough that he created his own email address and password to my blog. My webmaster was amazed. She said she never saw anything like it before.
The hacker tried to access my bank account. Ping, ping, ping he went, somehow using my PayPal account, testing and trying to figure out the best way to obtain the money in my bank account. Guess what, thief? My husband watches our bank accounts like a mother lion protects her cubs. He notified our bank and I closed my business PayPal account.
My webmaster and I worked to take back what is rightfully mine, but it was mighty time consuming, money consuming and discouraging, very discouraging to me. WordPress, which is what I’ve used since I started blogging, is so popular that hackers constantly look for ways to target its themes, etc. My webmaster changed my blog’s free WordPress theme, since the one I’d been using hadn’t been updated security wise for a very long time (Live and learn, folks).
We changed emails. We deleted the email that hacker created in my back office. We changed passwords. We ran virus checks. All to no avail. We’d find the problem file embedded by the hacker. My webmaster would obliterate it. And the hacker would return, often within hours, to re-create his email account, etc. and resume operations.
The hack started shortly after my original hosting company, Liquid Web, sold me (and a bunch of other accounts) to a hosting company called Deluxe Hosting. Liquid Web is like the Fort Knox of hosting. Deluxe Hosting? Not. Back doors, my friends. This hacker came in through a vulnerable back door.
Deluxe Hosting denies it, of course. Says that I/my webmaster are responsible for running virus checks, keeping passwords complicated, etc. And that’s true. What is troublesome is that no matter what we did, the hacker resumed operations. The problem is in Deluxe Hosting’s vulnerability. But the company reps with whom we spoke had zero interest in exploring that aspect of the hack when I and my webmaster mentioned it in our numerous phone calls/emails to the company’s help desk. I wonder how many others have been hacked since they too were transferred to Deluxe Hosting?
I’m done with Deluxe. My webmaster switched my blog hosting to Go Daddy and I’m about to begin blogging again. Will you join me?
Peace Out, Darlene