“It won’t happen to me”, I always thought. One morning I woke up and found out that all my personal websites were hacked by Iranian Muslim cyber-terrorists. Boy did they pick the wrong guy – a pro peace left wing liberal – but obviously they don’t care, all Israelis are evil.
How did it happen? I had a lot of websites running on all kinds of subdomains, a lot of them with out of date WordPress & plugins that I haven’t updated in a long, long time.
My guess is that they used some kind of vulnerability scanner on Israeli websites and abused an old WP or plugin security bug. Or maybe they just brute forced it, though my password is not easily guessable.
I take full responsibility for what happened. Here are my immediate action items following the attack:
- Delete unused websites
- Uninstall unused plugins
- Upgrade websites on a monthly basis
- Install the Login Limit plugin
- Backup to DropBox via BackWPup
- Backup DBs on a daily basis
I’d also like to give a big thumbs up to my hosting provider, Site 5, for handling the situation quickly, kindly, and professionally. I love you guys.
Now that my account is leaner and meaner – bring it on Muslim script kiddies!