My blog got hacked last week.
I should’ve known something was up when after clicking on a blog comment notification in my email I landed on a page that declared me a Google winner.
Instead of realizing that I got hacked, I blinked a few times, closed the page (I was on my phone), came back to my email and clicked again. This time around, I got where I was going to — the dashboard.
I fired up my computer and went directly to my blog. All good. I went to my email and clicked on the same comment link, then other links. No surprises there. I scratched my head thinking I must’ve “misclicked” on some rogue link that got me to the scam page, and decided to stop thinking more because that had already been a bit too much brain activity. I just logged out and mentally closed the case.
Next morning I was checking my email. I always do that before fully waking. I find it helps me focus and start my day on the right note. 🙂
And focus it did. See, this is a report I normally get in my email from my hosting company’s daily scans.
But that morning something was off.
And when I clicked through, the message got abundantly clear.
I don’t know about you, but …
Malware is not my thing. So not my thing that I’ve never felt compelled to learn anything about it beyond installing some software just in case. I’ve run my blog for 8 years, and even found sad refuge in the fact that it’s so tiny that no one would want to mess with it.
Because why?
So I splashed some cold water on my face and began the hard task of educating myself on the subject matter. How bad is it when your site gets hacked?
Holy s*it, it was bad!
I found that not only can you lose your own reputation, but you can also get shut down by your hosting provider and, oh the humanity, blacklisted by Google itself!
Turns out not only did I need to fix it, but fix it quick.
But I only saw the hack once – why?
To be honest, the more I educated myself – the more I was floored by the inventiveness and sophistication of the scammers. I’ve learned they may not even show you, the administrator, what they’ve been doing to your site. The only reason I saw it for the first time was probably because I logged on to my account from my phone. I don’t often do that so the scammers may not have known I was the admin. During my subsequent visits they probably knew who I was already.
Repair costs
SiteGround, my hosting provider, is using Sucuri for their scans and it recommended its services for cleaning and safeguarding my blog. I went to Sucuri and quickly found out that their cheapest plan was $199 per year.
Now, $199 is not an incredible sum of money, but, well, it kind of is for a blog that doesn’t bring in a single penny. Which is why a lot of thoughts were racing around my head.
I had almost quit blogging a few months ago—
Because it wasn’t going anywhere anyway—
And now that I was already paying for hosting and the domain and even some other stuff I didn’t even understand …
I had to pay $200 more …
All that just for the privilege of running my mouth on a computer screen when I felt like it?
WTF?
Naturally, being a cheap bastard, I did try to find another way
Jumping ahead, I didn’t find it. But between trying and failing I made a few discoveries.
If you consider starting your own blog, you might want to learn some “technicalities.” You can fix that menace yourself, at least in some milder cases.
Sucuri, it seems, is quite honest about the fact that you can get rid of malware yourself. And it even tells you how.
1.1 – Scan Your Site
OK, that I can do. Well, I mean having others do it including Sucuri.
1.2 – Check Core File Integrity
Uhm … huh?
1.3 – Check Recently Modified Files
Mama!
1.4 – Check Diagnostic Pages
Oy!
But that was nothing compared to what you (I) would have to do next. After identifying the threats, you’re supposed to remove them. Manually!
2.1 – Clean Hacked Website Files (8 steps)
2.2 – Clean Hacked Database Tables (7 steps)
2.3 – Secure User Accounts
2.4 – Remove Hidden Backdoors
2.5 – Remove Malware Warnings
OK, that was enough for me, and I didn’t even bother getting to Step 3 – Securing Your Website from Hackers.
I checked some other Malware protection services
Some of them were a little cheaper, but they also seemed kind of shadier. So with a heavy heart, I went ahead and paid $199 just to be done with it. Hey, at least I’ll get $10 back from PayPal (Discover 3rd quarter PayPal bonus).
My site was cleaned within minutes even though I’d read a few reviews that Sucuri could be slow. I had some questions initially, but they were quickly and courteously resolved via chat. No complaints so far.
You can’t get your money back after you submit the removal request
Sucuri offers a 30-day money-back guarantee, but not if you have used their malware removal service even once, and you won’t know anything about this condition unless you scroll all the way down, click on the tiny terms of use link in the left corner and stumble on the Termination clause on the next page. While I thought that the clause itself was fair to prevent folks from signing up just to remove the malware and cancel the service, the delivery was quite sneaky. We all know how people enjoy reading the small print. That’s a gotcha thing, no doubt.
Other than that, the only thing I wish is that they offered a more affordable plan for small bloggers like me, but oh well.
Should you pay for malware protection and (potential) removal services?
If your website is not a moneymaker, I’m not convinced. Like I said, I’ve run my blog for 8 years, and never had a problem like this before. But it’s important to react quickly, and there are free plug-ins including Sucuri if your hosting provider doesn’t offer a malware scanning service.
If your site does get hacked, you can quickly sign up for a security service and get it cleaned. Better yet, try to learn a few tricks so you can do it yourself. Now, for a commercial website, the math is completely different, and one would be foolish not to protect themselves the best they can.
A couple of questions for my readers:
- Did anyone notice anything weird on my blog last week?
- Anyone else have gotten hacked? How do you deal with it?