In which my three-day-long outage is explained.

Yeah, so, goblinbox.com has been down for over three days now. Here’s what happened:

Somehow someone managed to upload PHP files onto the server goblinbox.com lived on. Some if not all of those files were placed in subdirectories of my domain. On April 1st, my hacker friend started running those malicious PHP files. On April 3rd, s/he tested the new Bank of America phishing site that was running in a subdirectory of goblinbox.com.

April 7th, Planet discovered the site and shut my domain down.

April 8th, I discovered I was down and contacted Keef, who told me I’d been hacked. I thought about it, then texted him to tell him that my guess was they’d come through my WordPress installation. (I’d had to reset my WP password twice on Friday.)

Keef told his partners what I’d said. I think they took that as an admission of guilt or something, but the reality is that I have no idea how the hacker got in and I want my site turned back on now.

I hate it when goblinbox.com is down!

Mysteriously my host has decided that the hack came through my domain and they won’t turn my site back on until they feel confident that my site is secure. If the hack did come through my apps, I haven’t seen any evidence of it.

Right now my site is tighter than a virgin. I’ve spent hours on it. I’ve got .htaccess files all over the place. The thing’s so snug I’ll barely be able to move around in there… if they ever turn it back on.

Turns out that my site was not the only one compromised. My site was not the only one with world-writable directories in it. My site is, however, the only one on the server that is still suspended.

I think I’m gonna move my domain. Again.

Update: They finally turned goblinbox.com back on. I am so relieved. I get stressed out when my baby’s down.

Hopefully keeping this baby locked up will be adequate. I hear the admins have installed some nifty stuff too, and upgraded software here and there.

I wish I had a moral, but since I still don’t know how the hackers got in I don’t know if I’ve actually learned something or not. *shrug*

As you were, my babies.

(This post was imported from here.)

 

7 Responses to Down and Back Up Again: Durn Hackers

  1. amped! says:

    hola! glad you’re back posting. 🙂

    for what it’s worth, i love my godaddy hosting acct.

  2. phx says:

    Glad to see you back! I think I was going through goblin withdrawal for a while back there.

  3. Sister Spikey Mace says:

    Welcome back!

  4. Mush says:

    Thank you thank you thank you! It’s great to *be* back! I get all freaked out and unhappy when the ‘box is down. I especially hate being down for three whole entire days… it’s like Chinese water torture. *shudder*

  5. jjd says:

    stupid hackers.

  6. Brad says:

    The most important thing is that the ‘box did not leave the building forever!

  7. […] I’m backing up and upgrading to the latest version of WordPress, the application I use to run this site; it’s a security update. Safety first! It’s also been out for a couple of months, which makes me an asshole. Especially considering that I may or may not have already been hacked once before through an unupdated version of WP. […]