Can your blog get hacked . . . ?
Thursday, June 7th, 2012
The blog you are reading is a WordPress blog. If you read the last post on our blog in the recent past, you would not have realized that it had been hacked, because it was invisible. Don’t worry, it caused you no damage. It only caused us damage.
First, some background: I had installed an earlier version of WordPress back in 2010 on our photography website as it is good for SEO to have a blog inside the domain, and for informative purposes to our readers. Then, a banner came up from WordPress that an updated version was available and that I should update. Anyone with experience in computers knows that updating can go seriously awry and you could lose all your posts or information, and it is best to back them up. Of course, this is time spent, and no one wants to do all this preventative work, but I grudgingly did that with the help of my hosting company, and did the upgrade to version 3.1.3 or something like that. I clicked on “update” and held my breath, and it worked.
About 6 months after that, I got another notice that a newer version of WordPress was now available with more security (I forget which number). I thought, “Oh, boy, here we go again,” and went through the motions again. This time, it didn’t work. The update notified me that the server our website was on did not have a high enough PHP protocol, and that the update could not take place. So, I left it where it was at. I called my host and they said that the server I was on did indeed not have a higher PHP and that I would have to move to another server, and there was a procedure to do that, and I would have to put it in writing that I wanted to move to another server. I didn’t want to hassle it, reasoning that I would see if anyone hacked the blog, as it would obviously show up in the blog reading . . . or would it? I have been getting warnings from my Google webmaster tools account that I needed to update my WordPress for security reasons. I just shrugged it off. It was too much work.
I went to my Google webmaster tools site last week, and updated the XML sitemap to our website, and while there, I thought I would check the optimization for keywords. I was very upset when I found words of popular drugs for ED in my keywords, along with a pet supply store. I didn’t put them there!
How could anyone put them there? I have a reasonably strong password, and I don’t give it out. So I went to check out where they were in the blog. Lo and behold, when the blog posts were in edit mode in HTML, there they were, plain as day. But they were invisible to anyone reading the blog on the web. Someone or something had inserted HTML links interspersed with my text, some even intersecting words, but not showing up in the blog. I called tech support at my hosting company. The person I talked to could see the intrusion, and told me it was due to a low PHP protocol and low security in the earlier version of WordPress. I asked him why anyone would do that, seeing as how there was nothing to click on or any change in the visible information in the blog. His opinion was that the links were inserted for backlinks to other websites for their SEO. One of them was a pet supply house. So, somebody had hired someone to do their SEO or web work and they hack WordPress blogs to increase the SEO of their clients. Pretty underhanded! It can have the result of lowering the weshoot.com page rankings.
So, my path was clear. I formally asked in writing that all my domains be moved to a more secure server with as high a PHP as possible. It took a couple of days for the move to solidify. I backed up my domains in a full backup. I updated to the newest version of WordPress. Once everything was complete, I spent a whole day removing all the inserted HTML code from each old post (sometimes they had more text in their links than I had written in our posts), and will be very vigilant from now on.
If you have a WordPress blog, take a look at old posts in HTML from time to time. You may get a surprise. Update to the newest version of WordPress ASAP. Weshoot.com is lucky. We have a cooperative hosting company and they had a more secure place for our website with a higher version of PHP. Make sure that your hosting company does, too.
-Gary Silverstein
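
The periodic look at old posts in HTML recommended above can be scripted. The following Python sketch is an added example, not part of the original post: it lists every link in a post body that points to a host outside an allowlist, and flags links wedged into the middle of a word, as described in the post. The allowlist contents, the names `LinkAuditor` and `audit_post`, and the sample posts are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

OWN_HOSTS = {"weshoot.com", "www.weshoot.com"}  # assumption: hosts linked on purpose

class LinkAuditor(HTMLParser):  # records every <a href> whose host is not in OWN_HOSTS
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._text = ""                 # text seen so far outside flagged links
        self._open = self._last = None  # flagged link being read / just closed

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        host = (urlparse(dict(attrs).get("href") or "").hostname or "").lower()
        if not host or host in OWN_HOSTS:
            return  # relative, mailto or own-site link
        self._open = {"host": host, "anchor": "", "splits_word": False,
                      "after_letter": self._text[-1:].isalnum()}
        self.findings.append(self._open)

    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self._last, self._open = self._open, None

    def handle_data(self, data):
        if self._open is not None:
            self._open["anchor"] += data
            return
        if self._last is not None:
            # Letters directly before and after the link: it was cut into a word.
            self._last["splits_word"] = self._last["after_letter"] and data[:1].isalnum()
            self._last = None
        self._text += data

def audit_post(html):
    parser = LinkAuditor()
    parser.feed(html)
    parser.close()
    return parser.findings

SAMPLE_POSTS = {  # constructed sample posts; the .example hosts are placeholders
    "clean-post": '<p>See our <a href="http://www.weshoot.com/gallery">gallery</a> and <a href="/contact">contact page</a>.</p>',
    "old-post": '<p>We photo<a href="http://pills.example/buy">cheap pills</a>graphed the event. <a href="http://petstore.example/">pet supplies</a> It went well.</p>',
}

if __name__ == "__main__":
    print({slug: audit_post(body) for slug, body in SAMPLE_POSTS.items()})
```

Because it reads the stored HTML rather than the rendered page, the check does not depend on how a link was made invisible to readers.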