While it caused me to miss nearly an entire night’s sleep on Sunday (as well as waste hours of time), I attempted to access the site this afternoon… and was let in! For now, it seems like everything is back up and running.
A few lessons learned and what you can expect from the site from here on forward:
- Google is quick to protect, slow to respond. I’m glad Google flagged “badware” on my site as I was unaware that someone had hacked it. This was done to protect the general Internet public from being infected. However, while Google blocked my site very shortly after discovering the malicious links, I would have appreciated a similar response time to my request to re-review the site. Had this been a business site, I would be more than “anxious” over losing access to my site; I’d've been furious and considering legal action.
- Security is, indeed, everything. Bad people are out there. I know that now. Why would someone care to hack my measly personal web site? I have no idea, other than to use it to spread evil. Because of this, I have to even more tightly restrict commenting on the site. Until I get my plugins back up and running (Facebook Connect as possibly one of them), you’ll need to ask for and get approved for an account on our web site. You’ll then need to be logged in to comment. I know this is a pain and will probably stem the already meager flow of comments, but I simply don’t have the time to go through this mess again.
- I need to be more cautious. I have been a bit reckless with plugins and extensions for WordPress (this page) and MediaWiki (the “wiki”) without even attempting to understand how each one works. Some of these – namely, the Twitter and Facebook plugins – actually pull in information from other sites. Were those sites to be affected/infected with badware, it would instantly stream to this site. Until further notice, I’m removing any plugin that does this. On the plus side, this should make the site load much faster!
- A webmaster’s job is tough. I admit that maintaining this site is just a fun hobby. That said, it’s times like this that make me appreciate the job of a webmaster who must maintain 24/7/365 vigilance over the security of a web site. While I had the potential to lose years’ worth of stories, photos, and personal interest information, this is nothing compared to the personal, financial, and other sensitive data that is at risk every day on millions of web sites around the world. My hat is off to you folks!
On a separate note, I apologize for the “downer” tone in my post over the weekend. In my typical pessimism, I was convinced that all hope was lost over recovering the site, which was a great disappointment. I am very thankful that things worked out and I can continue to post the latest about the kids and other musings.
Powered by FireStats