Three weeks ago, I was outlining a post for Monday’s blog when I discovered my website had been hacked. My familiar main page featuring my latest two posts along with links to pages on home, car, life, and business insurance had been replaced by someone claiming to be a jihadist and that they now held all my previous posts. There was no request for ransom, just the smug comment they’d done this to me.
I felt a little violated, stopped working on my post, and contacted my web hosting company to see if this problem was unique to me or something they were experiencing on their servers. Last fall my hosting company had been hacked, but it hadn’t affected my site, other than an interruption in service lasting a couple of days.
The technician reloaded my website from the previous week’s backup, allowing me to resume my normal blogging schedule, or so I thought. After 24 hours, the same hacker had returned, hijacking my site and displaying the same claim. Over the past couple of weeks, the same hacker and I went through this two more times, until he locked me out completely. I sat down with a friend of mine, who happens to be a Director of Information Technology for a publicly held company, and we mapped out a plan. Here’s what we did, and the lessons I learned.
The first thing we did was move my website to another hosting company. After talking with several friends of mine who are professional bloggers and web developers, I settled on Bluehost. I obtained the required release to move my site from my previous hosting company, and spent Saturday afternoon with my buddy, Ross, moving my website.
Prior to actually migrating my site, we learned that my hacker had removed my user information on my website and installed themselves as the administrator. This had locked me out for several days and prevented me from even resetting the password to my site. We set about recreating my user information, set me up as the administrator, and removed the hacker’s information. We then used WordFence, a WordPress security plugin, to scan my website and remove the malware the hacker had installed.
Once we had clean data, we began migrating it to Bluehost. This meant moving over 400 previous posts, along with all their associated pictures, as well as the informational pages on various insurance documents. The good news is no client data was ever compromised. My website has always been designed to educate and inform individuals, families, and business owners on insurance products pertinent to them and their needs. No client data of any kind resides on my site. We utilize a management system for quoting and administering client data and documents. In addition, client data is maintained on the insurance carriers’ sites.
There were several lessons I learned from this incident. Make my passwords longer. They are now between 20 and 25 characters in length, which is harder to hack than a shorter one. I utilize a variety of special characters in them such as #, $, <, >, @, %, etc., but they still needed to be lengthened. I’ve also decided to change them more frequently. I was changing them every 90 days, but will now change them on the first of each month. Yes, it’s a hassle, but it sure beats being hacked again.
I added two WordPress plugins. The first is WordFence, for security and scanning for malware. I set it up to lock the login screen after 3 incorrect login attempts and extended how long that lockout lasts before it resets. The second is a plugin that backs my site up weekly to a secure off-site location, so I am not dependent on my hosting company’s backup schedule. These should help, but if I’ve learned one thing, it is that even the website of a small business is vulnerable to a hacker who’s determined to get in.
Maintenance of any system, software, or website is crucial. Keeping plugins up to date is vital to a website’s protection against vulnerabilities. I now update plugins whenever I load a new blog post.
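Two of the checks described above, the audit for administrator accounts that shouldn’t be there and the lock-the-login-after-3-failures rule, are simple enough to show in working code. The following is an added example written for this post, not code from WordFence, WordPress or the site in question. The administrator list and the login log lines are constructed sample data (the 203.0.113.0/24 and 198.51.100.0/24 addresses are documentation ranges), and the log line format is an assumption chosen for the example; the lockout logic is a stand-alone simulation of the same rule, not WordFence’s implementation.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of the site's administrator accounts as
# (user_login, email, registered) tuples. In a real audit these would come
# from the wp_users/wp_usermeta tables or the hosting control panel.
ADMIN_ACCOUNTS = [
    ("siteowner", "owner@example.com", "2012-03-04 12:00:00"),
    ("wp_support", "support@example.net", "2024-05-18 03:12:44"),
]
# The only administrator the site owner actually created.
KNOWN_ADMINS = {"siteowner"}


def unexpected_admins(accounts, known):
    """Return administrator logins that are not on the owner's allowlist.

    An attacker who adds themselves as an administrator (as happened on this
    site) shows up here even if the owner's own account was also deleted.
    """
    return sorted(login for login, _, _ in accounts if login not in known)


# Constructed login log lines (assumed format): "<ISO time> <FAIL|OK> <ip> <username>".
LOG_LINES = """
2024-05-18T03:10:01 FAIL 203.0.113.7 admin
2024-05-18T03:10:03 FAIL 203.0.113.7 admin
2024-05-18T03:10:05 FAIL 203.0.113.7 administrator
2024-05-18T03:10:06 FAIL 203.0.113.7 siteowner
2024-05-18T03:11:00 FAIL 198.51.100.2 siteowner
2024-05-18T03:40:00 FAIL 198.51.100.2 siteowner
2024-05-18T03:41:00 OK 198.51.100.2 siteowner
2024-05-18T04:30:00 FAIL 203.0.113.7 admin
""".strip().splitlines()

LINE = re.compile(r"^(\S+) (FAIL|OK) (\S+) (\S+)$")


def lockouts(lines, max_failures=3, window=timedelta(minutes=10),
             lock_for=timedelta(hours=1)):
    """Simulate a brute-force lockout rule over login log lines.

    After `max_failures` failed logins from one IP within `window`, that IP is
    locked for `lock_for`; attempts made while locked are rejected without
    being counted. A successful login clears the IP's failure history.

    Returns (locked, blocked): `locked` maps IP -> timestamp the lock started,
    `blocked` lists (timestamp, ip, username) attempts rejected while locked.
    """
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    locked_until = {}             # ip -> datetime the lock expires
    locked = {}
    blocked = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue              # ignore lines that don't match the format
        ts, result, ip, user = m.groups()
        t = datetime.fromisoformat(ts)
        if ip in locked_until and t < locked_until[ip]:
            blocked.append((ts, ip, user))
            continue
        if result != "FAIL":
            recent[ip].clear()    # a successful login resets the counter
            continue
        q = recent[ip]
        q.append(t)
        while q and t - q[0] > window:
            q.popleft()           # drop failures older than the window
        if len(q) >= max_failures:
            locked_until[ip] = t + lock_for
            locked.setdefault(ip, ts)
            q.clear()
    return locked, blocked


if __name__ == "__main__":
    print("unexpected administrators:", unexpected_admins(ADMIN_ACCOUNTS, KNOWN_ADMINS))
    locked, blocked = lockouts(LOG_LINES)
    print("locked IPs:", locked)
    print("attempts rejected while locked:", blocked)
```

In the sample data the `wp_support` account is flagged because it is not on the owner’s allowlist, and 203.0.113.7 is locked at its third failure within the window while the two widely spaced failures from 198.51.100.2 never trigger the rule; the fourth attempt from the locked address is rejected without being counted. The window and lock duration are the knobs the plugin settings described above control, and the same sliding-window logic works per username as well as per IP.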
Wednesday’s blog will resume the car insurance series I started before I was hacked, and Friday’s post will share the story of an individual that’s worth repeating. I will return to my normal schedule next week, but I hope sharing my experience of being hacked has been helpful. Share your comments, questions, and suggestions with me on our Google+, LinkedIn, and Facebook pages. I’d love to hear from you!