Words For Hire

Business, PR, Marketing, Social Media 586.461.2103

  • Home
  • Services
  • About
  • Case Studies
  • Press
  • Contact
  • Blog
  • March 26, 2023

Go Suck it Hackers! A Postmortem on my Weekend of Horrors

June 24, 2013 by Karen Swim

Update: Over the past several days I’ve been working closely with Sucuri to work through issues caused by the attack. Blog posts were disappearing, characters were appearing and I even had my own IP blacklisted. As a result of fixing these issues and sleuthing out any backdoor hacks you may have seen this post appear and reappear several times. I am so sorry and hope that this is all behind us.

The phone rings and somehow you know that the news is going to rip the fabric of an otherwise normal day. That is how I felt when my senior copywriter, Michele hit my cell over the weekend. Not that a call from her signals bad news but somehow my mind knew before my ears heard the news. My site had been hacked. In fact, I later discovered two of my sites had been hacked.

I felt violated, as though someone had ransacked my home and spray painted a note on the front door to mock me. Worse, a much needed weekend of rest had turned into a nightmare journey of fighting cybercrime.

I was not going to write this post, fearing that even using the H word would invite a return visit. But running scared is not my M.O. and this is an opportunity to help others avoid being burned by slimy human beings who break things for kicks.

Though I wanted to curl up in a corner and cry. I gave myself a 1 minute cry break, bucked up and did the following:

  • Changed all of my passwords. I have always adhered to strong passwords but bumped it up a notch to super strong.
  • Ran a virus scan on my computer (I use Webroot)
  • Contacted my web host. My hosting company is amazing and they ran security scans on my site to help isolate the problem and navigate me through the crisis.
  • Changed my website control panel and FTP passwords.
  • Purchased a server monitoring subscription and initiated a repair ticket.

Getting hacked not only causes emotional distress but can damage your business. Malware can cause search engines to blacklist your site. Your site visitors can be infected. All of this can damage your reputation and bottom line. As a business and communications professional I urge businesses to have a plan and a backup plan. Your website is an asset and you should absolutely be proactive by taking every measure to secure it and have a good plan in place should something go wrong.

There were things I was doing well and others that I allowed to slip. Listed below are the lessons I learned that you can apply to your own business.

  • Do not rely on one security measure. Your webhost may be great but if you use a CMS, themes, scripts or plugins you are still vulnerable to attacks.
  • Just like the software on your computer, make sure that you are always running the latest version of your CMS, theme and plugins. Failure to upgrade may expose you to security vulnerabilities.
  • Remove unused items. Delete any unused themes or plugins. Again, if you’re not using them you’re not updating them.
  • Backup on a regular basis. Even if your entire site were taken down, a backup will ensure that you can restore your site quickly.
  • Be judicious about what you install. Check out reputable sources for information on themes and plug-ins. Do research to see if there have been problems.
  • Use very strong passwords. Follow the advice of security pros and include a mix of upper and lowercase letters, numbers and symbols. Do not use personal information such as birthdays, phone numbers and addresses.

As an additional resource I created a list of articles on keeping your site secure. Please feel free to add to it with tips and references of your own.

Getting hacked sucks, but like every crisis it can take you down or help you to fortify your defenses for the future. These attacks are not going away so it is important that we become educated about the resources that can help us be proactive.

Have you ever been hacked? Commiserate in the comments and share your tips for getting through it.

Filed Under: Insights Tagged With: website secruity, word press, word press hacked, WordPress

Important Announcement for WordPress Users

September 8, 2009 by Karen Swim

Warning sign
Image via Wikipedia

Since moving to Michigan I have grown accustomed to television programs being interrupted with beeping sounds that indicate a Severe Weather Warning. This post is my own Severe Weather Warning to everyone with a self-hosted WordPress blog.

I shared this information over the long weekend but it’s worthy of posting here today. If you have a self-hosted WordPress site, it is important to upgrade to the latest version (2.8.4) now.  Older sites have been attacked which made for an unpleasant weekend for some bloggers.

Read the information from WordPress on how to keep your site safe, and read Lorelle’s post to find out if you have been attacked.

Regularly scheduled posts will resume tomorrow. 🙂

Reblog this post [with Zemanta]

Filed Under: Business and Career Tagged With: WordPress

WordPress Stuck in HTML Edit Mode

August 25, 2008 by Karen Swim

Written by Karen D. Swim

I have an update to my issues with the WordPress 2.6.1 fiasco and wanted to share the solution with you.  After reversing my attempted upgrade, my WP Admin dashboard still had issues.  Two of the most troubling were:

  1. Inability to edit publish date (I could save as draft or publish immediately)
  2. Visual editor did not work. Visual was highlighted but it was stuck in HTML mode

After doing some online surfing I was able to determine that the visual editor issue is not new and can be traced to the TinyMCE file.

I found jerrydrussell’s forum answer helpful:

edit /wp-includes/js/tinymce/tiny_mce_config.php find the line that says ‘compress’ => true and change to ‘compress’ => false.

I found my answer in the WordPress forum. There are a series of helpful steps to help you diagnose and fix the problem.  Fortunately, I did not have to go through all the steps because I had my old tinymce file. I was smart to backup before attempting the upgrade. I actually did two backups to two separate locations. Now that I knew the problem file, I went to the folder on my server labeled wp-content/includes/js/tinymce and deleted the entire tinymce folder. I then uploaded my original tinymce folder and my visual editor is now working! So I can once again post images without coding or using a workaround. If you are not comfortable using FTP or working on your server, have someone do it for you.

I still cannot edit the post date so I’m off to work on that issue next. The moral of this story is back up your files before doing anything! If you screw something up you can restore yourself to ground zero.

Reblog this post [with Zemanta]

Filed Under: Insights Tagged With: Add new tag, TinyMCE, visual editor, WordPress, wordpress 2.6.1 upgrade

Word Press 2.6.1

August 23, 2008 by Karen Swim

Image representing WordPress as depicted in Cr...Image via CrunchBase, source unknown

Written by Karen D. Swim

I spent the better part of the day in WordPress purgatory. As is typical with all things technical,there is no chicken exit. Once you start you are all in until the deed is done or you have broken something and need to call in an expert.

I thought that Saturday would be the perfect day to tackle the WordPress upgrade. I was relaxed and could take my time. I don’t post on weekends so did not have to worry about blog visitors. It all began so innocently.

Initially I was going to use the WP Auto Upgrade plug-in. I got it loaded up on my server and came back to the WordPress dashboard to activate and enter my FTP info. It logged in but I soon got a red error. It could not find a file. Uh oh. Now, a smarter mind would have stopped right there but um I’m not that smart!

No big, the easy way did not work, I would just install the files myself. I backed up my files and then proceeded to go through the upgrade. It was fast and easy and everything was in place. That is when the real fun began. I could not log into my WordPress admin panel. I entered username and password and got the white screen of death. No error message, just a blank white screen. I still did not panic. I’d read about this issue and knew it was common so I surfed the forum for the fix.

After seeing messages on the WordPress Forum that insinuated idiots should stick to wordpress.com, I was both insulted and still without an answer to my issue. Oh plenty of people had the issue but rather than answers I was treated to a thread of tech in-fighting. While slightly entertaining to watch techies raise their configs and .htacess in bloody battle, I needed help and preferably in something close to English.

So, I turned to Google where I knew real people would have real answers. After adding lines to the config file, altering my phpfiles and clearing my cache so often I was sure my computer would scream in agony, I could no longer deny that I was in wordpress purgatory. Some fixes resulted in my blog disappearing. I was able to quickly bring it back but never able to log in.

I finally threw in the towel and restored my old version of WordPress. The result? I can log in but my dashboard interface has changed.. I cannot edit publish dates, insert pictures or work in visual mode.

So my advice, if you are like me and a real person who is comfortable with technology, don’t upgrade to 2.6 or 2.6.1. It is buggy and the answers out there do not work for everyone. If your blog is working fine, well don’t break it! If I find the solution I will post it in English and if you have the solution, feel free to share!

Reblog this post [with Zemanta]

Filed Under: Insights Tagged With: WordPress, wordpress 2.6.1 upgrade

The Breath of Change

August 8, 2008 by Karen Swim

Parco SempioneImage by Air Force One via Flickr

Written by Karen D. Swim

Happy Friday! Well, if you’re a returning friend (because here there are no visitors), you may have noticed a few changes here in the cafe. The new custom theme is courtesy of the brilliant Men With Pens. Any bugs, or errors are courtesy of yours truly! I am still unpacking boxes and moving things around so please bear with me while I make the place nice and comfy for you.

I am a big fan of change. I move my office and home around all the time. I find that the physical change somehow provides me with a new perspective and revitalizes my energy. However, I am aware that some changes can shake us from our comfortable positions and force us into unfamiliar patterns or routines. Rather than energizing, we may find ourselves initially drained and more than a little cranky. A new job, or a physical move immediately come to mind.

When I engage in a physical move I tend to do it fast. I hate the transition phase so clean and unpack everything immediately and put it away.  I will work until I am so exhausted I can no longer stand but I will go to bed on fresh sheets with no boxes in the house. However, once moved,  the decorating is never done. There is always something more to be planted, changed, painted, taken away, well you get the picture.  Yet, it’s not a chore but a journey that is savored with each step.

I moved the blog from blogger to WordPress and that was the “let’s roll, get it done” phase. Now, I am taking my time to savor the decorating. So, I’ve tried to clean it up so that you have a comfy experience and don’t trip over boxes, but there’s still work to be done.  I really and truly enjoy each and every one of you and hope that we can continue to entertain one another in this new space under the bamboo tree.  And hey, there’s even room for more, so feel free to invite a friend or two. 🙂

Zemanta Pixie

Filed Under: Fierce Friday Tagged With: new theme, welcome, WordPress

Copyright © 2023 · Legacy Theme on Genesis Framework · WordPress · Log in