My WordPress got hacked

Last week, while doing some Google searching, I noticed the SEO meta data on this site had been hacked. Oh joy… A little poking around quickly confirmed the problem. Oh joy, again… Time for a little cleanup. I thought I’d share the process in case any of you find yourselves in this predicament.

The process:

  1. Make a backup, just in case things go horribly wrong. For me, since I knew what I wanted to preserve, I just grabbed a copy of my database and uploads folder. If you’re not familiar with WordPress, you might just want to grab everything.
  2. Do a quick assessment/documentation of the site – plugins, theme, site configuration – anything you’ll need to put back.
  3. Decision time: clean it up, or blow it away and start fresh. For me, I decided it’d be easier to blow everything away and start fresh – I only have about 500-ish posts and about 100 or so uploads. And this site has been through various themes, conversions, etc., so the database, along with the hack, had grown way beyond anything I wanted to try and clean up. Miss something and all that effort could go down the drain, so it was just easier to start fresh. Your mileage may vary.
  4. Next I disabled any plugins I wasn’t interested in keeping – an attempt to make the export process as clean and simple as possible.
  5. Export “all content” using the export feature of WordPress. You want to be sure you’re exporting from the most current version of WordPress. More precisely, you want to make sure whatever version you export from will be the same version you’ll reimport into.
  6. Now that you have your content (the XML file WordPress just exported for you) and the other important files you snagged during the backup process, you’re ready to blow away your existing WordPress install. For me: I simply created a new database, along with a new database user and password, for safety. I then blew away all the WordPress files except for my /wp-content/uploads folder. Now you need to systematically go through your uploads folder and verify that everything in there belongs and is clean – don’t just assume – verify, or all this work could be for nothing.
  7. Now go download a new, clean copy of WordPress – don’t use your existing files, since they could have been compromised. Again, it’s important that your versions remain consistent, so be sure to use the same version you exported with earlier. Upload your new files and configure WordPress to use your new database. The configuration/install process is triggered by simply accessing your website URL after you’ve finished uploading WordPress. Be sure you use a new admin password; your old one is compromised – it’s also a good idea to steer clear of the “admin” username, period.
  8. Now that WordPress is functional, but empty, go download the plugins and themes you may need. Again, these should be fresh downloads, being sure you keep the versions consistent.
  9. Ready for import. Simply click on Tools > Import > WordPress. You’ll have to download and install the WordPress Importer plugin, but if you made it this far, you’ll make it through that. Once the plugin is installed, you simply import the content. You’ll have the option to reattribute posts to existing or other users. You can also decide whether or not you want to download/import files.
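The “verify everything in uploads belongs and is clean” part of step 6 is the one most people skip. The script below is an added example, not from the original post: it flags two things a cleaned uploads tree should never contain, files whose extension is not a media type (a stray .php or a dropped-in .htaccess) and files of any name that carry a PHP open tag. The allowed-extension list and the example path are assumptions; extend the list to match what your site actually stores.

```shell
#!/bin/sh
# Added example, not from the original post: audit a wp-content/uploads tree
# before reusing it in a rebuilt install. The allowed-extension list below is
# an assumption (jpg/jpeg/png/gif/pdf/mp3/mp4); extend it for your own media.

# Print one line per suspicious file under the uploads directory given as $1.
audit_uploads() {
  dir="$1"
  # 1. Files whose extension is not a media type WordPress would normally
  #    store here. Catches stray .php files and a dropped-in .htaccess that
  #    could change how the web server treats files inside uploads.
  find "$dir" -type f \
    ! -iname '*.jpg' ! -iname '*.jpeg' ! -iname '*.png' ! -iname '*.gif' \
    ! -iname '*.pdf' ! -iname '*.mp3'  ! -iname '*.mp4' \
    | sed 's/^/non-media: /'
  # 2. Files of any name that contain a PHP open tag. A media extension is no
  #    guarantee of media content, so this pass ignores the extension entirely.
  grep -rl '<?php' "$dir" 2>/dev/null | sed 's/^/php-tag:   /'
}

# Number of suspicious entries; 0 means the tree passed both checks.
audit_count() {
  audit_uploads "$1" | wc -l | tr -d ' '
}

# Typical use (the path is an assumption for this example):
#   audit_uploads /var/www/html/wp-content/uploads
```

Review every reported path by hand; the script tells you where to look, not what to delete.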

A couple of things about the import process. At the time I’m writing this, WordPress is 3.7.1 and the importer is 0.6.1; things do change. The first time I ran the importer I didn’t check the “download and import file attachment” option. Remember, I left my “cleaned” wp-content/uploads directory in place. This preserved all my image links and such, but didn’t populate the media library – it was empty. Not exactly what I wanted, so I dropped all the tables in the database and went through the WordPress configuration and import process again, this time checking the “download and import file attachment” option. That populated the media library, but created a couple of new problems:

  1. It duplicated, and in a couple of cases tripled, all of my files. I assume this was because the import process was downloading and writing the files to the same directory and simply appended the file names with a 1, 2 or 3. Oh well – no biggie.
  2. But on some posts it also didn’t edit the img link correctly to reflect the new file name it had just created during the import process.
  3. Most, if not all, relationships between the media library files and the posts they were used in were broken – not attached.

Not to worry, all isn’t lost. I simply examined all the posts that had image links. Using the Search Regex plugin I searched all posts for img tags. That’ll help you identify the posts; then basically you just have to examine and repair any posts where the image link got fouled up. During this process I also relinked these posts to the media library files so those relationships would exist. Finally I went back through my uploads folder and deleted all the duplicate files the importer plugin had created.
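The duplicate cleanup in that last step can be scripted rather than eyeballed. This is an added example, not the author’s own process: it assumes the importer named each re-downloaded copy with a “-1”, “-2” style suffix before the extension (photo-1.jpg beside photo.jpg), and it reports a suffixed file only when its bytes match the unsuffixed original, so a genuinely different file that happens to end in -1 is left alone.

```shell
#!/bin/sh
# Added example, not from the original post: find the copies an importer
# re-download left behind in an uploads tree. Assumption: each copy carries a
# "-N" suffix before its extension (photo-1.jpg next to photo.jpg).

# Print the path of each suffixed file whose content equals its original.
list_import_duplicates() {
  dir="$1"
  find "$dir" -type f -name '*-[0-9]*.*' | sort | while IFS= read -r dup; do
    # photo-1.jpg -> photo.jpg; names that do not fit the pattern are skipped.
    base=$(printf '%s\n' "$dup" | sed 's/-[0-9][0-9]*\(\.[^./]*\)$/\1/')
    [ "$base" != "$dup" ] || continue
    [ -f "$base" ] || continue
    # Only a byte-identical copy counts as an importer duplicate.
    if cmp -s "$dup" "$base"; then
      printf '%s\n' "$dup"
    fi
  done
}

# How many duplicates the listing finds (0 once the tree is clean).
count_import_duplicates() {
  list_import_duplicates "$1" | wc -l | tr -d ' '
}

# Delete the reported duplicates. Run list_import_duplicates first and read it.
prune_import_duplicates() {
  list_import_duplicates "$1" | while IFS= read -r f; do
    rm -f -- "$f"
  done
}
```

Fix the img links in the affected posts before pruning, or a post that was rewritten to point at photo-1.jpg will break when that copy is removed.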

All in all, it sounds a lot worse than it was. If the importer plugin had worked correctly, this would have been a piece of cake; even so, it just took a little extra effort to clean up from the import process. My almost 50MB database had been reduced to just over 1MB, the site is nice and speedy again, and after a few days my Google searches were no longer polluted with a bunch of hacked-up meta data.

This time I’ll do a better job of keeping my WordPress, plugins and themes updated.

Yes, another new look

Please excuse the mess – again. I just can’t resist change and found this new WordPress theme earlier in the week and needed a site with some content on it to play with. I figured those of you who visit here are probably used to it by now.

Back online

It’s been a busy few weeks, I think, since the ole blog was last functional. As I’ve alluded to previously, it was time for a fairly serious change at philatkinson.org. Baseball and softball will remain a passion here, but I expect their influence on this site to lessen as I’m able to spend more and more time on photography.

Technically, not only has the design and focus changed, but so has the underlying technology. Most of you won’t know or care, but as part of this overhaul I’ve migrated from Drupal to WordPress. It wasn’t an easy task, but it was a lot easier than I thought it’d be. Personally, I found Lincoln’s article over at Social CMS Buzz quite helpful. It’ll get you through the heavy lifting, but I found there was a bit of SQL cleanup necessary. That shouldn’t be a big deal if you’re used to Drupal (more specifically MySQL); if not, you’ll just have to educate yourself a bit first. Just remember to back up the database before doing anything you’re unsure about and you’ll be OK.

As for why the move? I love Drupal, I really do, but it was a lot of work caring for and feeding it. Upgrading, redesigns, etc., are fairly large endeavors compared to WordPress. And for a personal blog, it was just more technical effort than I wanted to keep investing. Being honest, I’ll admit to becoming frustrated numerous times with WordPress during the transition. There’s just so much flexibility and power with Drupal — WordPress often felt like trying to squeeze a square peg into a round hole, but that’s the trade-off. Ease of use at the cost of flexibility. Even so, I think I’ll be happy with the trade-off as I’ll have more spare time to pursue other interests.