7

My Blog Got Hacked! Here’s How to Protect Yourself.

Hack #1:

Recently someone hacked into my blog.

They somehow got access to my server. Then they put a malicious script on my site. This script was used for phishing (trying to get get information such as usernames, passwords, and credit card details).

I didn’t notice this happening at all, but Google did.

And you know what Google does when they see a phishing script on your site? Yes, that’s right. They stop displaying it in the search results. Not just the page that does the phishing, but the entire site.

Which, if you’re making money from your blog, can be devastating.

And anyway, just the thought of someone using my server to still private information is sickening enough.

This is actually not the first encounter I’ve had with hackers.

Hack #2:

Last time a hacker touched my site, they replaced my Amazon affiliate id with theirs. So when people came to my page and then bought on Amazon, he got the commissions instead of me.

By the time I figured it out, I lost plenty of money.

Hack #3:

My husband (Seth) got hit through his blogs repeatedly.

One of the hackers was very smart.

Every day for a few hours they would switch Seth’s Adsense id with theirs. Then they would get all of his Adsense commissions. After a few hours they would switch it back so that he wouldn’t notice.

This was very hard to catch, because Seth was still getting commissions. He was just splitting them with the hacker. And the hacker got paid for Seth’s hard work.

Not only that. It took months to clean up the server and get rid of all of the files the hacker left there.

So What Else Can Hackers Do To Your Site?

Actually, if you do a quick search online you’ll see that blogs get hacked on a regular basis.

Here’s what a hacker can do if they get into your blog:

1. They can put spammy content, hidden pages, or hidden links on your site. You may never see them, but Google will (there go your rankings).

2. They can use your site for spreading malware – software that causes damage to others. Google absolutely hates that. And so do all of us…

3. They can use your site for phishing (what just happened to me). This can get you shut down by your hosting account, and/or delisted by Google.

4. They can redirect some or all of your visitors to their own site. Visitors never see your site – they just automatically go to the hackers’s site.

Often they redirect only visitors who come from search engines, so you don’t even notice. Here’s an example of this actually happening (an old post but still relevant).

5. They can also redirect only search engine bots. That way you don’t see anything wrong. And neither do your visitors. But the search engine bots get redirected, think that your site has moved, and will eventually stop displaying it.

The Google Webmasters forum is full of people reporting this kind of hack. See this one for example, and this one as well.

If you do a search for ‘googlebot hacked’ you will find a lot more.

You can read more about hackers and what they can do to your site on Wikipedia.

Here’s a video I once made. In it I reveal some surprising hacks:

This can happen to you too.

How to Protect Yourself

Here are things you can do to protect yourself:

1. Always upgrade your WordPress and plugins as soon as an update is available.

2. Make sure you completely trust anyone who has access to your blogs

3. Remove old software, WordPress themes, and plugins that you do not use anymore.

4. Make sure you use a good host that updates their software regularly.

5. Make your backups of your sites.

The 2 most important things to do are regular updates and backups.

I know this can be a pain to do, because logging into each blog you own and updating it on a regular basis is a pain.

That’s why I recommend you get WP Pipeline. It will allow you to make backups and updates with a single click – for all your blogs at once!

One Last Thing

There are a few other simple tweaks you can make to your blog. You just do them once but they will give you security in the long term.

I wrote a report explaining what to do. It’s simple – just take a few minutes to implement these tweaks. It’ll save you the hours (and money too) you’ll have to spend on restoring hacked sites.

You get this report free when you purchase WP Pipeline. Just get it using my link and then contact me at my Help Desk with your ClickBank receipt for your bonus.

It’s something I highly recommend. Because if it blocks just one hacker from stealing your commissions or getting you delisted, it’ll be worth the investment.

Stay tuned…


Click the 'like' button to tell me you want more posts like this:

Related Posts
No related posts for this content
Click Here to Leave a Comment Below 7 comments
Joey

Thanks for this post, Sara. This stuff is so scary. I’m just glad that there is something that we can do to try and protect ourselves.

Reply
John Reed

Thanks Sara, I’ve only had older, non profit making sites hacked so far but you’ve reminded me to get cracking and organise my security.
John.

Reply
Ric

Sara, thanks. It’s definitely a major nerve-wrenching, time-wasting pain when your site gets hacked. That happened to me twice where phishing scripts were installed on my sites. Google sent me an email informing me of the hack and my hosting provider shut down my hosting account which shut down 15 of my websites. I finally was able to correct the problem and get my account back up, but it took me several days to get things going again and it was several weeks before my traffic returned back to normal. I now always install a firewall and login security plugin on my sites and haven’t had a problem since.

Reply
Sunil

Thanks a lot Sara. Really thanks for sharing this vital information! Even though I’m not making any money, its better to get protected beforehand than nothing. I can’t wait to get that plugin from you. Hope its not too expensive!

Reply
Andrew

Sorry to hear that you got hacked Sara, I hate cheaters, that’s all they are is cheaters trying to skip the hard work and the time it takes to be successful, what’s funny is that if these hackers put in the same effort into a legitimate business like an e-commerce store or affiliate site, instead of coding viruses and website hacks, with the right teaching they would probably do pretty good.

Thanks for the tips Sara.
.Andrew.

Reply
Daniel Last Long

Thanks Sara for this valuable info.
Feel sorry about your bad experience.
My sites were also ever hacked but it seemed not for phishing. It came from Pakistan which changed the script in index.php, so the site main page was changed accordingly with some message “Site was hacked by…….bla bla”, sounding the protest against “Innocence of Muslims” movie.

Reply
Joyce Knake

Thanks sara. some time ago someone stold the name of my website but I didn’t think about hacking. I did buy the wppipeline and hope I can get it all installed.

Reply

Leave a Reply:

Get Updates From Sara

Enter your email below and you'll be notified when Sara adds new updates and free training workshops:

x