A Final Word on my Google-Wordpress Saga

October 8th, 2008

So what have I learned from all of this? First of all, here are three steps to keeping your website from getting hacked:

  1. Use Google Webmaster Tools - if I had been using them they may have helped me diagnose the problem much earlier.
  2. Change your password often and make it a good one! I HATE keeping track of passwords as much as the next person. But guess what I hate even more - Getting my blog hacked.
  3. If you are running a self-hosted wordpress blog, you have to be diligent about updating to the latest version. Updates aren’t just about the latest bells and whistles  - they are about security.

If you know what you’re doing updating to the latest version shouldn’t take more than 15 minutes. If you don’t know what you’re doing, take a minute to read the instructions on wordpress.org. It’s not that hard and if you do it once, it will be in your brain.

I never thought hackers would bother with my site in the first place.

I have a simple little wordpress blog with a modest audience. Why would someone want to hack into it? Because there are millions of “simple little wordpress blogs” out there. The hackers figure out how to break into one, and then they can break in to all of them.

Do I have second thoughts about using Wordpress?

I did at first, but then I realized that no matter what platform you use, there will be vulnerabilities. Wordpress is obviously going to be vulnerable because so many people use it. On the other hand, so many people use it because it rocks! It’s so easy to install. It’s built for blogging and yet it can also be used as a simple content management system. It’s also easy to customize for a “casual” web designer like myself, and there is a great community of theme builders behind it. I will continue to use Wordpress.

Bottom line - if you are hosting a site on your own domain, then it’s up to you to be a responsible webmaster. Use the three steps that I outlined above.

Last week I was tearing my hair out and suffering from a blogger existential crisis, this week I am triumphant. I found a problem, diagnosed it, and fixed it all by myself, and now I am that much more tech savvy. It’s a good feeling.

One thing I have had second thoughts on is whether or not I want to encourage other bloggers to host their own domain, particularly those of you who are strictly blogging for the sake of blogging, and have no use for the technical end of it. If that describes you, then I would recommend sticking with wordpress.com, or blogspot.

On the other hand, if you find all of this technical stuff kind of interesting, then I heartily recommend moving forward and using your own domain with a host. There is something so cool about having your own little place on the web that is not part of some larger system. To me it’s like the difference between owning a house on a little piece of land, and renting an apartment in a multi-level building.

TrackBack URI

8 Comments So Far

  1. I am so glad to hear things worked out for the better. Thank you oh-so much for the hack-prevention tips. I will be calling upon those shortly.

    Strong One — October 8, 2008 @ 7:51 am

  2. Thanks for the useful tips.

    I don’t understand hackers either. I’d rather read a book, go out and play . . . do something fun.

    Karin RN — October 8, 2008 @ 9:26 am

  3. Nice pointer on the webmaster tool, I just went and set up webmaster tools for my tiny little blog.

    As for the hackers, the attacks are mostly automated, and most of the reason behind it boils down to scamming money out of people. Hacked sites are either used to bolster search results for a scam website (so people will spend money there, thus profit), or co-ordinate bot networks distributing spam selling products (profit), viruses (to recruit more bots) or attacking commercial sites so money can be extorted out of their owners (for “protection”, just like the old mob).

    Unlike the early 90’s, hacking isn’t bored kids anymore. It is now tech-savvy con-artists looking to make a fast buck.

    Mental Father (nonmedical) — October 8, 2008 @ 7:40 pm

  4. And to add to what Mental Father wrote, many times healthcare-related blogs are at a much higher risk because of the value of pharmaceutical keywords. Because links from related domains are worth much more, spammers search on some very basic keywords to identify healthcare-related blogs to attack.

    Shane — October 10, 2008 @ 7:07 am

  5. What you should do for passwords is using a password manager, like RoboForm, to remember the passwords for you. This way each login can have a unique, strong password without you having to remember it. You only have to remember the RoboForm password and use its browser includes to fill in forms automatically for you.

    Veign — October 10, 2008 @ 7:28 am

  6. I am really happy that this all worked out for you… but I must say you also have the skills to tackle the problem. I’m not sure if I could handle a situation like that as well as you did!

    dethmama — October 10, 2008 @ 7:01 pm

  7. Glad to hear evrything worked out. Are you still working on a new blog?

    Jeff — October 13, 2008 @ 8:50 am

  8. [...] So I was very interested in PixelRN’s troubles. [...]

    School Daze at Change of Shift! // Emergiblog — October 16, 2008 @ 1:34 pm

Leave a Comment

 

PixelRN is Digg proof thanks to caching by WP Super Cache!