You Won't Believe This–Blog Attacked By a Virus

Disappointment! Blog Attacked by a Virus

Somewhere around the first of March my blog was attacked by a virus.  I had no idea how to correct the situation.  Fortunately, my son is a computer engineer and I was able to nag him enough that he did whatever he had to do to remove the virus.  This is the second time since last fall that has happened.  And then I made matters worse, which I will get to in a moment.
I began researching how in fact this could happen.  I found this info from InfoRats the most concise.  You may want to read their entire post.
“Dumb-bots and smart people, or smart-bots and dumb people.  Either Way, they are either using a bot similar to a search engines that crawls the web looking for vulnerabilities, or they are systematically finding sites with vulnerabilities and targeting them directly.  A bot will usually use a HEAD request (the first part of an http request), and attempts to access wp-admin/post.php, wp-content/plugins.php, or any other http method.  The bot will also try to exploit the database through various SQL commands and queries or find vulnerabilities via RPC and trackback. ”
What I really wanted to know was how to present it from ever happening again, well with at least some certainty.  I learned that is you are using WordPress it is important to keep it updated.  Your plug-ins must be kept updated as well.  One other thing I learned was that my password was way to easy–so it has been changed.
Now I was so determined to stop any future attacks that I decided yesterday afternoon that I would update to the newest version of WordPress.  Which caused some issues with it functioning correctly, which meant I had to upload the new version manually using ftp.  I know enough about this stuff to be dangerous–which I will prove to be true.  According the the WordPress forums one of the reasons the new version may be experiencing problems could be the plug-ins.  And since plug-ins could be the entry of a virus as well I began deleting them.  And I deleted all of them except for just a couple that I depend on.
Here is the end result, everything is working properly now but somehow I lost every blog post and comments since January 2011.  Ugh, I do have the copy so I can repost and back date.  I do not have a backup because I deleted it–duh.  What a mess.  All I can do really is laugh at myself for being so reckless.  Next time I will get assistance — like my son.  But I didn’t want to keep asking, I thought this should be easy.
Please learn from my experience of having my blog attacked by a virus.  Backup often, have a strong password and keep the software updated including your plug-ins.

Leave a Comment:

(2) comments

I’m so sorry you had to go through that. I’m constantly harping at people about updating WordPress and plugs, and changing passwords for this very reason. You’re not alone. But it can even happen to sites that are updated regularly and have strong passwords too. If someone wants in badly enough, they’ll get in. There’s no hacker-proof system. But those preventative measures can help.
There are a few WordPress plugins that will back up your site automatically. You may want to try a few and see what works for you. Make sure they’ll back up your database as well. Also, some web hosts can do automatic backups on a schedule. It may be a setting in your web panel. Or you can ask them if they do it for you regularly. They may have your missing information. It wouldn’t hurt to ask.

Reply
Donna Amos

Janice
I believe the virus even attacked my backup program. I have my database backedup every Sumday. But I did not notice that I had not received the file for a couple of weeks. Just a great lesson for all solo business owners out there to take the time to do the updates and be certain you trust a plugin before installing it. My computer engineer son believes that is where my virus came from.

Reply
Add Your Reply

Leave a Comment:

>