Last month (June 2012), I was the victim of a vicious pharma hack. This isn’t the first time my website was hacked, but it was definitely the worst. It’s been tough, but I’m prepared to talk about what happened, how I fixed the problem, and what I’m doing to recover my business.
Image may be NSFW.
Clik here to view.
What Happened?!
The Initial Signs…
Around May, my traffic started to peter out. I expected this as it happens every year. The combination of Mother’s Day, Memorial Day, and general “preparing for summer” tends to make people forget my website exists. It’s the same drop in traffic I experience right before the “big” holidays in the winter. It’s completely understandable.
However, when things didn’t pick up again when they usually do (about mid-June onward), I started to get worried!
What was going on? Did I do something wrong? Did people just not like me?
What happened?!
Strap in. This is a long one.
How I First Saw the Hack
AKA Why My Phone is Magic
It was just pure luck/chance that I finally saw the damage done to my website.
I was out and about and I wanted to see if my latest post had uploaded all right. Since I wasn’t near my “real” computer, I checked it on my phone…
…And that’s when I saw it.
All over my website!!
“Buy Viagra!”
“Buy Wellbutrin!”
OH NO!!!
None of this could be seen from my computer browser, but, for whatever reason, it was visible to my phone. And, unfortunately, to the Google robots.
What the Robots Saw
AKA How My Website Became a Google Pariah
My worst fears were becoming my horrible reality: Google hated my website.
I was nowhere to be found when I typed in the keywords I have previously been ranking well for. And when I typed in “littlezotz.com,” Google came back with the message “This website has been compromised.”
I knew for sure that I wasn’t imagining what I’d seen on my phone when Google Fetch returned with the same results.
I felt horrible.
I not only felt humiliated, but I was filled with all sorts of anxieties. Not only was this hack warding off future clients, but I’d betrayed the trust of my current clients! When people come to my website, they expect a safe friendly experience–not an advertisement for boner medication!
In order to protect my readers, I hit Facebook and Twitter to warn them away. And I put my site into Maintenance Mode.
Website Security
The True Cost of Being Cheap
I have a confession: I’m incredibly cheap.
I’ve been called a “miser” by close friends.
In fact, the original reason this Blog has hand-drawn illustrations with every post is because I was too much of a skinflint to pay for stock photos! (Just my luck that the illustrations caught on! …And I happen to like drawing them).
It’s partly my personality, partly from growing up poor, and partly something completely beyond my comprehension. Maybe I read too many Uncle ScroogeImage may be NSFW.
Clik here to view. comics as a child. Who knows!
So when I read in WP Pro Simple Security that I could get website security with a few free plugins, I installed them, dusted off my hands, and moved on with my life. DONE!
…But free plugins can only go so far…
I hit the WP Pro Business forums and asked for guidance. Adam Warner himself signed on to assist me.
Free plugins from trusted sources are a great fundamental step in preventing website hacks, but “no website is completely safe.”
I was going to have to invest in something more heavy-duty!
Sucuri
How My Website Was Saved!
Per Adam’s suggestion, after I couldn’t get rid of the hack on my own, I signed up for some website security at Sucuri.net.
Image may be NSFW.
Clik here to view.
I couldn’t believe the services these guys provided! AMAZING!!!
Not only did they believe me when I said there was a problem (unlike my webhosting service–and I’ll get into that in a moment), but they were able to fix the problem WITHIN HOURS!
They were friendly, professional, and went above and beyond the call of duty. I asked a ton of questions and they answered every single one. Without treating me like an idiot.
Not only are they scanning my website every 4 hours, but they provided me with several new ways I could protect my website on my own in my spare time.
They also wrote into Google on my behalf and got my “compromised” status removed!!
Wow.
That picture of their logo is actually a link to their website. Go get yourself some of their awesome security. I’m not kidding! I hate spending money, but they are worth EVERY PENNY of the $89.99/year they’re asking for–and more!
Changing My hosting Service
AKA Why Green Geeks is Terrible
When I first started my website, I asked a fellow writer friend which hosting service she was using. She turned me to Green Geeks and, at $4 a month with unlimited space, I was sold. (This goes back to my being cheap…)
However, there were problems from the start.
I have a huge list of grievances with this company, but my main one is this: Their customer service is TERRIBLE.
They have a live chat service, but, unless you’re talking to “George,” it’s completely useless. Every time I asked a question, their response boiled down to “figure it out yourself.”
When I was hacked the first time, I let them know, and I (stupidly) asked for help. Their response was telling me “don’t tell anyone your password next time” (I DIDN’T!) and giving me a form letter with a list of “prevention steps.” Nearly every time I spoke with these people, they were evasive at best and downright rude at worst.
When my site was hacked again last month, I went to them again–not expecting help (HA!), but wishing to warn them in case my website compromised anyone else on their server.
They reacted with annoyance, told me they didn’t see anything wrong with my website (even through I provided them with screenshots of my Google Fetch results), and proceeded to bombard me with an advertisement for their own “website security” service. Which I thought was tacky, and a little suspicious.
That was the last straw.
I’m currently in the process of changing my hosting service.
I’m moving my site over to Rydia.net.
I didn’t use Rydia originally because I thought they were for artists only, and that they didn’t host WordPress sites. Well, while they do cater mainly to the artistic community, they do host WordPress sites now.
For their customer service alone (You’re awesome, Dormando!!), I would recommend this host. That, and my significant other has been using them for over a decade with no problems.
The Aftermath
“Come Back, Everyone! It’s Okay Now, I Promise!”
I mentioned at the beginning of this post that my traffic took a major hit.
Here are some screencaps of my Google Analytics results, as compared to previous months:
OUCH!!
That’s going to be hard to recover from.
Moving Forward
Looking on the Bright Side
On the bright side, in the time that I thought my traffic had dropped because of something I had done personally, I made a lot of improvements to my website. And even though I know now that my traffic drop wasn’t from something I did, I’m going to continue to improve my website!
My website has an overall cleaner look, easier navigation, more information, and is just overall…better.
I also used the time without my website to submit to magazines, work on my poetry, and create a brand new buffer of Blog posts–for this very Blog!–that I think you’ll really enjoy.
I’m truly sorry about what happened.
Please come back?
The post Recovering from a Pharma Hack appeared first on LittleZotz Writing.