Anything that can go wrong, will go wrong. That’s Murphy’s Law. Over the past week or so, everything seems to be going wrong…
On Saturday night, i got an email saying one of my sites was down. It was a private collaboration type site so it was no big deal (or so i thought). I said i’d fix it tomorrow (meaning Sunday). It turns out it wasn’t just that one site that was down, it was several of my sites including this blog. All hosted on the same server.
The server itself hadn’t been hacked, but my control panel at blacknight had been. Somehow. Everything had been nuked. All databases, all site files, all ftp accounts, all domain configuration settings.
I contacted blacknight and they helped me figure out what had happened. On Saturday 19th February at 10:09pm, my control panel was accessed by a strange IP address. There were zero failed login attempts from this IP, so they knew my username & password (unless they got REALLY lucky!). I’m making progress at figuring out how they may have gained access thanks to some server log files. Once i’ve enough info gathered i’ll be sending it to the IP’s ISP (British) and i’ll see what they have to say about it.
The show must go on…
Although it’s not nice to wake up on a Sunday morning and see you have ‘no databases’ online or ‘critical errors’ when you try to access sites, it’s all part of the hacking game. There’s no point in crying over spilt milk, all i can do is beef up security across all sites, increase the number of backups i’m taking and finally, work on hunting these guys down and surprising them, like they’ve surprised me 😈
It took me about 2 seconds to realise my main problem wasn’t the hackers, it was getting things back to normal ASAP. My 400 day+ blogging streak was under severe threat. I asked myself “Do i have backups?” and “How recent are they?”.
For this blog, i was well covered. Almost the same with theleavingcert.com. At least in terms of databases. I get them auto emailed to me every week for smemon.com and every couple of days with theleavingcert.com. As for site files, most of my sites are powered by wordpress, so all the files consist of are default wordpress files and perhaps some images. The theme is probably the most important bit in any wordpress folder and thankfully i had copies of the themes offline.
Still, i wasn’t happy with databases that weren’t bang up to date… particularly on theleavingcert.com as there’s a fair bit of content added there daily. So i asked blacknight if they could recover anything and thankfully they could. Speaking about blacknight, they were nothing but helpful and did their best to get everything back for me. Even on a Sunday evening Michele contacted me on twitter and did his best to help.
Right now, the blog is obviously back online. I’ve taken this as an opportunity to revamp things a bit. I’ve ditched plenty of plugins & put live a new theme i’d been working on. The new theme is by no means finished, but i figured i may as well send it live now as it’ll force me to work on it. The main change as you can see is the logo / header. I wanted it much smaller and tighter.
Twitter Account Deactivated
Just when i thought things couldn’t get any worse online for me, i logged in to twitter this morning to find this message;
Fantastic. This was about 10.45am in the college canteen and i’d class at 11.00am. I had been playing around with a twitter plugin for this blog and in order to connect the blog to my twitter, i needed to login to my twitter account and authorise access. For whatever reason, when i logged in it deactivated my account immediately and i was greeted with that message above. Crazy stuff.
For a split second i thought someone was targeting me and somehow hacking all of my accounts and shutting down my online presence completely. Paranoid? Possibly, but in this case it turned out to be a horrible bug and lots of ‘bad luck’. The chances of it happening again are probably zero.
I contacted twitter in the middle of a lecture and within about 7 or 8 hours i had my account restored, again that’s pretty good service considering i’m not paying twitter anything!
A few weeks ago i noticed the aerial of my car missing. I thought somebody had just stolen it (they just screw out). Whilst i was annoyed, i knew getting an aerial was no big deal. Upon further investigation, it turned out the aerial and the base that holds it had been snapped off. This made me more annoyed, at least if it had been stolen i could semi-understand the logic in it. But to just snap it off and destroy the thing just for the hell of it is pointless.
Last weekend then my aerial-less car was again targeted. Somebody kicked the side mirror, smashing the back of it off. They also left a big boot print on the passenger door, but luckily no visible dent.
Too busy to care
The reason why i didn’t blog about the car vandalism when it happened is because i didn’t want to focus too much on negative stuff. It pollutes my train of thought. I’m trying to adapt my writing style and thought process for my dissertation but it’s stuff like this which is hugely distracting as it’s at the forefront of my mind.
I’m hoping this run of bad luck will end soon and i can get back to normality but it’s gonna take several weeks before i’m completely happy with this site or any others. On the plus side, i’ll be taking more frequent backups of all sites plus i’ll be stepping up security and making sure this doesn’t happen again. I’ve had spam and some ‘SQL injection’ before (on older, unloved sites), but nothing like what has happened over the weekend. I have to just chalk it down as experience and move on.
I’ll also be posting some security / backup tips on this blog too. It’s amazing how quickly you learn about this stuff when you have to learn about it. Nobody / no website will ever get to the stage where they’re hack proof, no matter what plans they have in place but knowing that in itself is probably the best security tip you’ll ever get 😉