
Of course it had to happen (although I still don’t know why or who by) but a few days ago my site was comprehensively hacked.

The first I knew about it was a message from my host saying that there was a script running permanently on my server which broke their terms and conditions. We couldn’t track it down and despite reinstalling both WordPress and my content it persisted. It was located somewhere in a plugin that allows the images to be shown on my site, called TimThumb, and it’s a well-known attack.

The only way to solve it was to start with a completely clean install on the server and manually upload all my content again!

Lessons learned?

1) Back up everything. I now use a commercial service called Locker by Code Garage that runs in the background and offers me peace of mind.

2) Upgrade WordPress and installed plugins to their latest versions. TimThumb can be updated automatically by using another plugin called “TimThumb Vulnerability Scanner”.

3) Wonder why there are such mean people out there…