Let’s talk about websites and malware.
I have spent the last three days fighting some malware that got into some websites that I built. Well, actually, I spent 6 hours fighting it and the last 24 hours cleaning up the mess it made.
It all started Saturday when I received a text from a client about their website being down. A couple of clicks around and I quickly realized they were ALL down. I’ve been hosting websites for awhile through my provider and I have never seen anything like this.
To make it just that extra special, I had a teething 6 month old stretched across my lap, wailing the afternoon away after dinner hurt his soft little gums, all while we are trying to sing “Happy Birthday” to my father-in-law as my husband’s entire family was visiting.
So now I’m like, “I need to take care of this”, all while the baby is curled up on my chest inside his “only this will do” blanket. Just wailing. Crying one of those “only mom will do” cries, and I had my trusty “old cell phone with white noise” playing as I called the 800 number brazenly displayed across my login, not really knowing what I was getting into but knowing that I had to solve this quickly. I finally get a hold of someone and she spends 3 minutes asking me if she can call me back on that same number because of static on the line, all while I’m trying to explain it’s white noise for my baby.
“So this is going well,” I think.
A couple of minutes passed by on the phone and it turns out that a lot of hosting companies want you to pay this company called SiteLock to manage the security on their hosting. And they’re willing to help you at a very discounted price of $10 per month per website, and they even will tell you that they enter your website into this nifty Google scanning website (THAT YOU CAN ACCESS ON YOUR OWN, BY THE WAY, here it is, right here). Oh, and they want you to sign up for a minimum of six months before they’ll even help you. Seeing as how I’m pretty confident in the files I loaded into the FTP system myself, I politely let her know I’d consider it and get back to her – because an extra $800 in business expenses is NOT in the cards for me right now, lady-who-just-paid-quarterly-taxes.
But through this 45 minutes of “oh fuck”ery, it becomes painfully obvious that all of my websites have been taken down for malware. Commence freakout, but try to remain calm because the baby can pick up on your vibes, right? I believe this is what all of those horribly outdated concept deodorant commercials were preparing me for.
So yeah. About this time, the family has started Mad Max Fury Road, just in time for me to put the baby down to sleep for the night, when, thankfully, I could pop open a bottle of wine and get to work. LUCKY for me, I discovered that my hosting provider (the same people who told me to call Sitelock) will automatically generate a *.txt file on your drive and list EXACTLY where all the malware is. The only thing left to do after erasing that is to contact support and get them to reactivate your account.
I have to admit though, charging into files upon files upon files to look for this completely villainous shit while Furiosa kicks ass as my audio wallpaper and takes names was a new adventure.
Of course all of that was punctuated by myself tip-toeing in the dark, down the hallway, into the baby’s room to try and get him back to sleep, while everyone else sleeps. Lately we’ve been allowing him 10 minutes or so of settling down/crying time to get to sleep and get back to sleep, but I could tell by the monitor his little ears were hurting him too much. I think around 10:45 I gave in, pulled him out of his crib and brought him to sit in his little chair in my office and make goofy faces at him while I was waiting on files to delete and my FTP to refresh.
But, alas, mom is awake while everyone else in the house is asleep, calming babies and kicking ass. I even fed him quietly since he refused to eat peas for an audience. This was the first time anyone besides his parents have watched him down an entire thing of baby food. Can’t say I blame him.
The entire ordeal was completed by midnight. Well, it was past midnight when I started texting clients that their websites were back up. To celebrate, I pulled up “Still Alive” and gave it a listen or two before putting the little man down (for a bumpy night, he ended up in our bed around 4 a.m.).
“Still Alive” is the ending credits song to Portal, a game that’s almost a decade old (FUCK) but still one of my favorites.
I spent Sunday morning cleaning up WordPress plugins that needed to be deleted the night before, and making sure everything was operating as it should.
If you happen to run into this situation, or are thinking of freelancing CMS websites (WordPress, Joomla, Drupal, etc): I highly advise checking out the following links:
How to Remove Malware From Your WordPress Site
I found the above link to be really helpful, if you are unable to have a handy list of malware locations at your disposal. Really the only part they left out was to make sure you go back and hit Settings > Permalinks > Save Changes, which will rewrite all of the internal page links in your WordPress setup.
CMS Security TIps
This write is so legit I may start sending it in my “Congrats/Sign Off” package. Yes, WordPress website are open source and, essentially, free – but they still take a lot of technical knowledge to set up, and require a lot of extra work to make the administrative side truly user-friendly enough for the average person to manipulate a webpage.
How to Make Your CMS Truly Hack Proof
Not surprisingly, a very vulnerable area is the login page. This article has a lot of information why.
I think what I’m really trying to convey, is please don’t start a website building business if you aren’t prepared to handle these sort of situations on your own. You’ll really lose your ass in time and funds pouring them out to these hacks who want you to sign up for monthly monitoring for things you could handle yourself.
My websites are now like…
I feel fantastic and I’m
STILL ALIVE.
