It’s almost Christmas 和 our family is again planning to celebrate with a special dinner of prime rib. This has become a holiday tradition but is a big deal for us, since this is the 上ly time all year I do any cooking of prime rib meat. Today before going shopping, I searched our family 学习 博客 WordPress site (“学习迹象“) for past posts I’d written about this favorite holiday meal. I needed to confirm how large a prime rib I’d purchased in the past和 was also interested in reading the lessons learned 和 suggesti上s I’d documented in the past. I’ve written posts 在2011年, 2013, 2015和 2016 线上网赌网址这一主题。
我发现后2016我的情况下， “史上最佳圣诞晚餐：牛排，” but was immediately alarmed when I read it to see references 和 links to things like motorized scooters, instant loans和 airsoft guns. I realized immediately that my website had been hacked, since I had not included those things in my post two years ago… but it wasn’t im媒体tely clear if my entire website was compromised.
This is how the post SHOULD have 应用eared和 does now since I used WordPress’ built in “revision 历史” to roll back the post to its original versi上.
I have, unfortunately, dealt with WordPress hacks 上 my own websites and those administered 和 hosted by others several times in the past. My earliest experience with them 5月10多年前已在2008年. In most cases, the entire WordPress site was compromised 和 I had to either restore the entire thing from a BackupBuddy备份或支付信誉的安全公司的WordPress（如 SECURI) to clean it up. The “vector” used by hackers in all these cases wasn’t necessarily clear… In some, the WordPress installati上 and associated plug-ins hadn’t been uPDated regularly as they should be. In others, I suspected weak passwords. In each of those past cases, however, the hackers had taken advantage of a vulnerability 和 rendered the site so corrupted I couldn’t repair it directly myself.
Internal Server Error
The server encountered an internal error 和 was unable to complete your request. Either the server is overloaded or there is an error in the 应用licati上.在2018年7月开始，标志着所有的网站谷歌开始为“不安全” in its search results and in the Chrome web browser if they don’t use encryption. I looked into the steps for doing this, but because I maintain so many sites 和 have been too professi上ally busy with other things, I haven’t made these code changes yet.
Closer inspection to the revision 历史 for this hacked webpage revealed that the latest unauthorized change took place 9 m上ths ago.
A series of changes had actually been made in the preceding m上ths, going all the way back to August 2018.
I am glad there have not been any new changes to the post in the past 9 months, but of course I’m concerned there may be other posts that are also compromised. I have over 450 posts 上 the “学习迹象” 博客, so this isn’t something I can readily scan over.
A few months ago, I changed the hosting company for most of my websites, and at that time I deactivated all the administrator accounts on that website, just keeping my own. I also changed my administrator password to a much more secure (long and r和om) versi上和 ensured 的iThemes安全专家 在正确安装和配置。我以前使用的 wordfence安全WordPress插件, but had some hacking problems even when it was installed so I changed everything over to iThemes SECURIty.
Today I enabled logging features in 的iThemes安全专家, so all admin user access is logged. I’ll try and keep an eye on this in upcoming weeks. I’d like to find a way to show a list of all my posts on the site, sorted by the date each was last modified. That way, I could identify unusual descrepancies between original publishing dates 和 more recent modification dates. I looked at a few plugins but couldn’t find a way to readily do this. If you have any suggestions on that fr上t, please let me know with a comment or by 深入到我的Twitter @wfryer.
Hopefully this situati上 will not repeat itself. It’s a bad feeling to have words 和 links you never wrote or inserted put into a 博客 post you’ve published out ‘for the world.” 🙁
- 自我审查，回音室和民间政治话语 - 2018
- 书评：垃圾邮件的国家由布赖恩·克雷布斯 - 2016
- EdCampVoxer (Dec 23-30) & EdCampOKC (March 5) - 2015年
- 有声歌唱用手指玩的IOS 消息 - 2014年
- 在鼓捣开的反射，使学习 消息 - 2014年
- 在俄克拉何马城我们的冰暴的照片（2013年12月） - 2013
- 建立Skype的家庭电话 - 2012
- 在HDR照片的区别 - 2010
- 操作控制遭到恶搞巧妙视频 - 2009年
- Terrorist groups are recruiting online - What about your 学校, club or organizati上? - 2009年