So, on Friday, I login to WordPress to start a new post and keep momentum going, when suddenly all my plugins disappeared from the WordPress dashboard!
There I was , flushed with the excitement of finally getting my blog up and running and the first post live and I hit what I thought was a technical issue already.
In fact, when I tried to re-install the plugins WordPress couldn’t do it because the folders already existed.
So I started Googlling and slowly it dawned on me that my site had been hacked. Turns out to be a classic case of the timthumb vulnerability. Niw, until Friday I didn’t even realise that I was using it! Turns out it is the in built image resizer in WordPress.
I initially found a couple of good posts about how to clear the hack yourself here ..
Both good articles and started working through but then realised that –
- I wasn’t sure how much config of my theme and plugins I was going to lose. Even though the site is new I’ve made a number of small customisations and trying to get them back by replacing the odd file here and there is going to be painstaking.
- I value my time too much! I’m trying to determine what my process is for identifying a niche. Putting my blog back together again is going to take ages.
- Even if I fixed it, how sure would I be that my site was completely clean? I could be back to square one in a matter of days.
So in the end I went for the option with the people at Securi.
They run a service for $89.99 where they will clean your site and also provide support for the next year. Absolute bargain. Like I say, sometimes it’s easier to scrimp but I put a basic value on my own time of £50 per hour. So if something is going to take me more than an hour or so I have to weigh up if it is, in fact, cheaper to outsource it.
I have to say that their service is great. Initial response within an hour and site completely fixed with 8 hours of placing my order.
So now I’m back up and running again and resume my research rather spending hours and hours trying to get my site back to normal.
Another thing I would recommend is to install the Exploit Scanner and run it every week or so.