I thought I knew my way around the Internet.
I’m an experienced affiliate marketer and blogger. I’ve used the Internet for decades, long before it was the World Wide Web. Now I have many eCommerce niche web sites and I was sure they were secure.
Sites get regular updates to the content management system, plugins and apps, and installed scripts. I use WordPress as my site platform and know the vulnerability factor of the base WordPress installation. I’m also aware of the vulnerability of installed third-party plugins. Knowing this I make sure to install the newest versions of platform and scripts. That minimizes the risk of being hacked and takes very little time to do. Yes, I was secure knowing my sites were secure.
Oh, was I wrong!
My online earnings came to a halt several weeks ago. It was sudden and complete. No warning, just whoosh and sites were crippled. Here’s how it happened and what I did to recover.
The symptoms
It started when I discovered links to my sales offers were hacked and redirected to Chinese language sales pages. I tracked the IP address to a location outside Beijing, China. It took a while, but after making a few changes to code I got the links operating properly. This was a simple case of malware.
I do not know how the bug got past security. Harry Houdini, the great escape artist of years past, said, “Locks only keep honest people out.”
Do you know that these days you can watch YouTube videos describing how to make a “bump key”? A bump key looks like an ordinary entry lock key, but burglars use them to gain illegal entry to homes and businesses. I understand one can purchase bump keys online.
No matter how careful we are the bad guys will find a way past security. Many times we leave doors open for them. Because WordPress is an open source platform hackers can find flaws more easily than with closed source software.
This intrusion was purely to make money, not cause disruption to my accounts. Hackers may compromise links to eCommerce offers. They redirect the link to sales pages different from the original link. These hackers are contracted by often unknowing entities to drive traffic to certain sites. The hacker is paid by the click. It is a highly lucrative business, although illegal and hard to stop. The best we can do is clean up the mess as quickly as we can.
What happened next took my breath away
Within a few days several sites of mine – including this one – were dropped by Google and my ISP. The claim was my sites were contaminated. Visitors were warned to avoid the sites. I had no traffic and needed to find a solution. Because not all hackers work alone and many share information it’s possible the Chinese hacker sold or traded information on my sites.
I shut down affiliate sites, deleting all content. Then I engaged SiteLock to clean and protect this site. When that was done I contracted SiteLock to scan the site daily and build a custom firewall protecting JoeAro.com.
What was going on?
We learned someone in Japan exploited a WordPress vulnerability and hijacked my sites. This was a targeted attack, not the usual random roam the Internet and see which door or window is unlocked.
As mentioned above, WordPress is an open source platform. It has flaws requiring more diligent and robust protection of WordPress platform sites. In a way it is a compliment that the hijacking happened. This was a targeted attack on a high traffic website.
So much for popularity!
The particular malware used is well-known to Internet security professionals. It’s been around for 3 or 4 years. Hopefully WP coders are plugging the holes allowing this attack. But the malware is still effective, allowing hackers and hijackers to gain access to sites. Business disruption is one thing, but the fear created by red screen “Do Not Enter” advisories drives existing and potential buyers away.
The expense of securing my sites and recovering lost business is quite a bit. Time and money to prevent such attacks take a toll. I’m spending quite a bit these days protecting my business.
Solving the mystery
I am extra careful guarding my data and still got hit very hard. I back up locally on 2 external HDDs and to the cloud via Carbonite. I clone my HDD each week to one of the external HDDs and have been doing so for several years. I scan the HDDs constantly using NOD32 from ESET. And I was glad to know my system(s) were not compromised. That was a major fear. The idea of someone getting past firewalls and other security scared me, honestly.
It was WordPress!
The hijacker didn’t get into my computer. My sites were hacked via a WP vulnerability. As noted above WP is not entirely secure. Nothing is ever totally secure online. SiteLock did the job cleaning up the problem. But there was more for me to consider. I discussed with my ISP, HostGator, what I could do for greater security. This is a service of any competent site host.
The hijacking was like a thief getting into a house, then exploiting what he/she learned to rob all the houses in the neighborhood. The hijacker in this case exploited the vulnerability to jump from one site to another.
While we scrubbed WordPress and contacted Google and HostGator I decided to do some maintenance and upgrade my office hardware. I replaced my HDD. A quick visit to Amazon and in two days I had my new, higher capacity, faster drive. I also added memory and tweaked my PC several ways, drawing on several decades of computer experience.
It’s a good idea to maintain your computer. You know, it is cheaper to repair than replace. I find too many change out smartphones and PCs without cause. Most new versions are not going to give you better service than models already in your possession. Just keep everything updated in fine working order. The changes to my system cost less than $200 and give me great performance. Replacing my desktop would cost a few thousand dollars.
If you’re uncomfortable making hardware changes yourself there are many locations that provide that service at low-cost. You may check with the manufacturer and have your device factory refurbished. I use a laptop as backup. It’s quite old, but serves my purposes. I like working from a large screen desktop. Whichever path you choose the goal is to stay open for business.
How to protect your desktop data and online business.
- Discuss with your ISP support people how best to secure your site(s)
- Get an external HDD or two and make local redundant backups of your data.
- Purchase a startup disc to use when installing a new internal HDD.
- Keep your operating system updated.
- Scan your computer constantly – scanning incoming email and visited sites.
- Never open email from people you do not know.
- Be very careful downloading any free software.
- Sign up for cloud backup.
Here are some tools I use on a regular basis and recent purchases made.
These are just a few of the physical tools I use to safeguard my computer system and data.
Shop around and make sure you do not experience my recent disaster. Protect your data and your money-making sites. There’s always a bad guy (or thousands of bad guys/gals) sneaking around, probing sites to do damage.
Note
I’m an affiliate marketer. I may receive a commission if you purchase suggested products. You pay the same whether you use my link or go directly to the source.
# # #