Losing my Geek Cred: Nick.pro hacked
No, it was not because I was lazy and didn’t keep my blog up to date, because I did. The blog was already running the most up-to-date version of WordPress available. The compromise most likely came through a vulnerability in one of the plugins or in the theme I was using.
My first inclination would be to pretend that such an embarrassing lapse of security never happened, but I thought that perhaps the tale of how I’ve brought things back up might help others who find their websites hacked as well.
Friday night I did a fresh install of the WordPress software with a new database, new database password, and new password for my user. I then imported my content from a backup copy from well before the hack (you do make regular backups of your blog’s content, right?) and manually copied over the images (and only the images) from a backup as well.
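Copying "only the images" is the step where a backdoor left in the uploads directory could ride back onto the fresh install. As an added example (not the author's code), this Python script restores a file only when its extension and leading magic bytes both identify it as an image and it contains no PHP or script marker; the function names and directory arguments are assumptions, with `wp-content/uploads` being the usual WordPress uploads location.

```python
import shutil
from pathlib import Path

# Extension -> accepted leading magic bytes (image types only).
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
# Markers that have no business inside an image served from a PHP host.
SCRIPT_MARKERS = (b"<?php", b"<script")


def classify(path: Path) -> str:
    """Return 'ok', or the reason the file must not be restored."""
    if path.is_symlink():
        return "symlink"
    magics = MAGIC.get(path.suffix.lower())
    if magics is None:
        return "not an image extension"
    data = path.read_bytes()
    if not data.startswith(magics):
        return "magic bytes do not match extension"
    lowered = data.lower()
    if any(marker in lowered for marker in SCRIPT_MARKERS):
        return "embedded script marker"
    return "ok"


def restore_images(backup_uploads: Path, fresh_uploads: Path):
    """Copy only verified images; return (copied, skipped) for review."""
    copied, skipped = [], []
    for src in sorted(backup_uploads.rglob("*")):
        if src.is_dir() and not src.is_symlink():
            continue
        rel = src.relative_to(backup_uploads)
        verdict = classify(src)
        if verdict != "ok":
            skipped.append((rel.as_posix(), verdict))
            continue
        dst = fresh_uploads / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copyfile(src, dst)  # contents only, old permissions are dropped
        copied.append(rel.as_posix())
    return copied, skipped
```

The `skipped` list is worth reading rather than discarding: an unexpected `.php` file or a mismatched image in the old uploads tree is evidence about how long the attacker had write access.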
Because I am still unsure how the attacker gained access to my site, I installed only the bare minimum plugins to get my site functioning again, and for the moment am using the default TwentyEleven WordPress theme that comes with a stock WordPress installation. When I have more time, I will make a brand new theme not using any existing theme as a basis, in case it was the theme I was using that was compromised.
I held off writing this “I’m back” post for the weekend in case somehow I still didn’t have the leak secured, but the site has not been compromised again, so hopefully the worst is behind me.