What to do when your Blog is Hacked

 

What to do when your Blog is hacked

 

The most heart-wrenching thing that can happen to you as a new blogger is for your site to be hacked. You will virtually break out in cold sweat, I know because that was what happened to me on Mother’s day this year when I checked my page and saw that I had been hacked by some bad guys. I said to myself here am I struggling to get page views and rank well on Google, I don’t get found by people who need me but by hackers.

Before my site was hacked, there was an international Brute force attack taking place then, where people’s computers were been taken over until they paid a ransom before it could be re-opened, I felt it didn’t concern me that much because I just started my blog and what could they want with my tiny Blog. But the world we live in has changed so much that we all need to be extra security conscious. When I started my Blog, I was just interested in churning out posts and promoting them. Trust me, security was the last thing on my mind, but hacking is the one thing that helps reset your priorities.

Not securing your site is like putting your goods in a store without a lock and key, you are virtually saying anyone could walk in and take your goods away.

After going through that experience, here are 7 things to do when your blog is hacked.



Calm Down and Think:

The first time you experience a hacking of your site, all sort of things will be going through your mind, for me, I was wondering does that mean I have to start all over to create all the posts that I lost? because once you are hacked, you can’t see your posts anymore. I can remember the first time I tried logging to see my blog from my phone, a black page just appeared on my Blog with the inscription Slowey kan, I thought it was some kind of advert, I had just implemented ads on my site then. But when I became suspicious was when the page won’t go way, I was like even if it was an ad it shouldn’t take more than a few seconds to go away, but there it was staring at me as if you can’t do anything I am here to stay.

I quickly ran to my laptop and logged in to my admin page that was when I saw some ugly script on my admin page that won’t go away. I refreshed my page and it was still there, that was when I literally broke down in cold sweat. My palms clammy, I began writing to my hosting company. When they saw the screen shots I sent, they were the ones that informed me that I had been hacked.

That was when I knew it was hacking that took place, I just kind of began to wonder what now?. How do I fix this? I wrote them asking what I should do, I was then told they will clean up the site and restore all the corrupted posts at no extra cost. I was quite relieved because I had Googled some company who promised to clean up my site at about a 100 dollar or so.

Write your Hosting company:

When you are hacked, the first thing you should do is to write your hosting company, they will give you some instructions to follow after they have cleaned up your site, that’s assuming your Hosting company is the type that offers to clean up your site after it has been hacked. I was glad my hosting company  Jvzoo. went into action immediately to restore my site and within 24 hours they were able to restore my blog back except for 2 posts which came after the last backup they had of my Blog.

They also gave me a host of instructions to help prevent future attacks, I can’t be more thankful as I thought I had lost all my months of hard work and have to start over again. Thankfully I do not have to. If you had like to sign up with my hosting company click here Jvzoo.

I only had to restore 2 posts that came after that. Because I pre-write my posts on Word document which I keep on my computer, I was able to easily restore those posts.



Inform your audience:

My Blog was hacked on a Mother’s day, wahoo, they really got me, just when I had been promoting my Mother’s day post, people will get to my blog and can’t access it. Since I couldn’t possibly work on that Blog for a while, I decided to write to my email list informing them of what happened, I also sent the post directly to their mailbox, I don’t want them missing out on what I had put together for the Mother’s day celebration.

Restore your Plugins:

After your Blog is cleaned up, apart from the posts that have been restored, you will find that your Plugins are absent, your site is as good as brand new, with no plugins whatsoever, so you will have to start all over to add your plugins, the first I added back was my GA ( Google Analytics). Thankfully my page data was restored. The next thing I thought of was my social shares for my older post If I lost that as well, all my posts will have zero shares.  Who wants that? if you are a new blogger, am sure there is a certain amount of satisfaction you get from seeing your share numbers climb, you wouldn’t want to start rebuilding that for any reason. That’s why I recommend using Social warfare for your share buttons. Because I was using them, as soon as I reinstalled my share buttons all my shares were back pronto. If I had changed I bet I would have lost out on the old posts. Click here to  get Social warfare

I did try to use another share button but the functionalities weren’t so cool so I went back to using my Social warfare, I think they have one of the coolest share buttons by the way.

Start your securing your site immediately:

To secure your site here are things that need to be done

1-Scan your computer with the latest and updated antivirus and spyware, make sure its virus free.

2-Reset all passwords, including email passwords, database passwords, Cpanel passwords. Verify your email account from the control panel.

3-Your new password should not be simple, use a password generator to make a new password. Click here to get to a password generator. To ensure the strength is good, click here

4-Do not store your passwords in email client browser and FTP client.

5-Make sure you log off from your control panel after use, do not share your passwords with anyone or write it down anywhere, memorize it.

6-Make sure your computer does not have any keyloggers, click here to check

7-Install only Plugins that have good ratings and are from trusted source, you can read my post on Plugins to see what you should look out for when using a Plugin on your Blog

8-Ensure that all your Plugins and third-party applications are all updated.

9-Change pre-configured passwords to new ones that will be difficult to guess by an outsider.

10-Change your database password to a strong one using the resources mentioned above.

11-Do not re-use passwords, ensure also that you update your changed password on wp-config.php

12-Change your prefix table from wp_ to a new one, hackers often use this to inject their codes which cause malicious damage.

13-Change your admin login page from wp-admin to something else, if you are still using this default, the hacker’s job is made easier because they only need to guess your password.

14-Dont keep unused themes and plugins since hackers often use it as a backdoor to set up access to your site.

15-Change all defaults: Posts, comments, directories names, it’s usually easier when setting up WordPress, if you are already set up then you need to go to settings—Miscellaneous( in your admin controls) to change it.

16-Restrict the amount of Login Attempts anyone with admin access can do on your site, you can use a plugin to do that.

17-install the Plugin disable Xml-rpc on your site, this plugin supports jetpack in securing your website.

18-Do a peremptory scan of your blog once in a while, I recommend using wordfence gravity scan, its free and you can use it to determine the vulnerabilities on your Blog.



Get a Good Security Plugin: 

Another way you can help secure your blog is to get a good security Plugin. I personally recommend Loginizer security Plugin because it has the following features:

-Recaptcha verifier

-Two-factor login verifier

-Passwordless login ability

-Disable xml rpc

-Ability to change your login URL

-Ability to change your wp- prefix

-Limits multiple login attempts

I also recommend Wordfence: Wordfence alerts you anytime there is successful login into your website. It also blocks out targeted attacks on your Blog.

Check for Broken or dead links:

Check all your initial posts especially the ones you have put on Pinterest for dead links. When I restarted my Blog after the hack, I discovered that some of my posts were turning up missing page link, so I repaired the links by editing it on Pinterest to reconnect them to the post on my blog.



 

 

7 must have plugins for a newbie Blogger.

7 Must have Plugins for a Newbie Blogger

Plugins are essential for the smooth running of a blog. One person likened Plugins to the plumbing’s you need in a house to enable it to have some functionalities that make it better to use.

Officially according to Wikipedia a Plugin is defined as software that adds extra features to an existing computer program thereby enabling customization of that program. For example, when you add a social warfare plugin, you can enable your social media buttons on your page in other for people to share your content.

As a new Blogger, that is just starting out, there are various terms that may seem new to you, one of them is Plugins, when you start out you may wonder if you need them or not, but as you get along the blogging journey you tend to discover that they are a necessity especially if you are not Techie and you don’t want to outsource any part of your blog build up due to lack of funds.

If you are like me, with little funds to spare and you get to realize that you are going to be working daily at this Blog, It is better to learn the necessary things that are required to enable you to run the blog efficiently, hence my adventure into the use of Plugins.

Plugins are like lifesavers, especially if you have been trying to get something fixed and you have wondered how it is done, only to realize that a plugin could easily do it for you without much stress. For example, when I wanted to verify my Pinterest site, I tried uploading my HTML tag but I couldn’t do it. But once I used my Yoast SEO social, it was done instantly. I was so happy the day it happened that I went about smiling all day.

 

Having learned a few things since I started my Blog in March, here are some Plugins that I know you can’t do without.

Akismet: Akismet is a plugin that enables you to protect your Blog from spam attacks, it’s the first thing you must have before you ever launch your Blog. You don’t want to start battling with Spam attacks from day 1, they can mess up your Blog posts especially from the comments section.  Before you can install Akismet, you have to get what they call an API key, consider your API key like a house key which you need to unlock the door to your house. Your API key is gotten after you have registered with the provider of the Plugin. it’s after you key in your API key that Akismet can start working. If you are using the JVzoo Host, you will find that the provider of the WordPress site already comes with the Akismet already pre -installed, you just have to network activate to get it running. To sign up with my hosting company click Here: Sign up now for hosting

The good thing about it is that its free and open source, you don’t have to pay a dime once you have it installed on your system. You only need your updates once in a while and it’s still free.

Google XML sitemap: Wow, this is the second must have Plugin, it helps you index your Blog with most search engines, like Google, Bing, and webmasters. When I started my Blog, I didn’t know much about this plugin, I thought that once you enable the settings through your admin section that authorizes search engines to index your website that was it. But I soon found out I was wrong because when I typed my web address, my blog never came up. So I read up some more on it and I found that I needed to submit my website to various search engines for indexing, I tried to but the process was a bit complicated for me until I discovered this plugin, Google XML sitemap that helps one to do it without all the stress of trying to do it one by one.

To install google XML sitemap follow these directions

  • Go to your Admin section
  • Click on Network activate, then go down to appearance and click on Plugin then click on Add new.
  •  Now go ahead and search for Google XML sitemap and click on Network activate, then you can go ahead and install it on your Blog.

 Key things I look out for when installing a plugin

1- Number of installations it has had

2 The ratings

3 When last the version was updated.

4Compatibility: whether it is compatible with the version of WordPress that I use.

All these factors help me to know how well a plugin will perform. This is because if it has 100’s of thousands of active installs or even in millions, it means, many people trust it and are consistently using it. If its ratings are high, chances are also that it is good. If the plugin is constantly updated, that means it’s much less vulnerable to hackers. Old un Updated Plugins are often used by hackers as a backdoor to your website, beware of using them.

Google Analytics: Google Analytics enables you to track your page views and your sources of traffic. This is a very important data if you want to grow as a Blogger. It’s a popular saying that what you can’t measure you can’t improve on. So it’s important that you have your Google analytics installed from day 1 of your blogging activity as this will allow you see your data trends with time. It will also tell you which countries that most of your traffic is coming from. Under its reports, it will also give you the metrics of where your traffic is coming from and where they terminate. It will give you an idea of how your posts are performing. From your GA, you will get to know which of your Posts high traffic attractors are. In fact running a blog without GA is liking flying a Plane without radar.

Yoast SEO: My encounter with Yoast SEO helped me shape my writing skills to better create a rankable content. Yoast SEO has the analysis that tells you if the content you are going to post has a good SEO and also if the readability is good. These two points are important if you want your Posts to come up during a search. The feedback it gives you allows you put down a better write up. It has some basic features and also a Paid feature. You can start with a basic feature and then upgrade to a paid one as you scale. It’s a very good Plugin because it helps analyze your content before it goes live. It has a very good support network and also offers some training on how to use it.

Loginizer: Loginizer is a security plugin you may want to try, because I was a new blogger, I didn’t take my security so serious until I started having attacks from hackers who were trying to hack my blog I wrote to my host company JVzoo who quickly offered me support and advised on what plugins to use to protect myself from spammers and hackers. I picked up this plugin because I didn’t want to go the route of rewriting my admin login configure. It helped to protect my Blog from brutal force attacks.

It works by blocking IPs that exceed a maximum number of trials to log in, a frequent feature of hackers. It also enables you to blacklist frequent IPS that are always trying to Log into your blog. Loginizer is easy to use because it’s just plugged and play. It has a paid feature though.

Social warfare; When I started my blog, I have often wondered how to get my share buttons on my page to enable people to share my content. When your content gets shared, it enables more traffic to come to your page. I was participating in a Facebook group page when someone got my attention by suggesting this wonderful plugin. Social warfare enables you to activate your social media buttons hence enabling anyone that comes to your page to share your content. Since I installed it, I have been able to keep track of my contents shares on social media, it has helped me know what has worked for my posts and what does not work. That way I am consistently working to improve myself.  While I am not yet perfect yet, it’s a journey I am enjoying. To get this Plugin, click Here Social warfare

 

Ebook store: If you are like most bloggers who want to monetize their blog immediately through the sale of their own EBook, then you should try installing eBook store, it’s a plugin that is integrated with woo commerce to enable you to add a cart to your blog site.  It is a paid plugin meaning that if you want to be able to synchronize it with your PayPal account, then you have to pay their monthly subscription in other to have the features that help you receive payment. EBook store works perfectly well if you are the store owner. Another feature that may work for you if you are selling stuff from your Blog is the Shopify app. it enables you to set up your eCommerce store in a bit.

Shopify is a complete ecommerce solution that allows you to set up an online store to sell your goods. It lets you organize your products customize your storefront accept credit card payments, track and respond to orders all with a few clicks of the mouse.

If you found this post helpful, that means you are a newbie blogger, congratulations on starting out on this wonderful journey read this 7 Helpful tips for the home business owner to help get your self-prepared for the journey ahead.

Thanks for reading, Kindly share with your friends.