We’re always talking about keeping good data backups here at Small Dog. You just never know what will happen to cause data loss or data corruption, and no matter how technical you may be, it could still happen to you.
Earlier this week I was logging into my WordPress blog and instead of being greeted with the administration index page, which is normally just a login window, I was greeted with Russian writing and some music. Fortunately, I’m meticulous about keeping WordPress updated and following all possible security precautions, including two-factor login authentication. So it didn’t appear as though anyone had actually gotten into my blog or the database.
Still though, I was stuck locked out of my blog. Time Machine to the rescue! I was able to get into my server and find recently modified files. There was only one: the index.php file for the WordPress administrator page. I fired up Time Machine, went back a few days (those files shouldn’t ever change in normal use), and just replaced the whole directory with an earlier version. I was back into my blog within 10 minutes. Without a solid backup, it might’ve taken much longer. I might have needed to reinstall my entire blog suite and that would’ve taken the better part of a day.
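The check described above (working out what changed before restoring from backup), as an added example that is not from the original post: a shell function that compares a live directory, such as the WordPress admin directory, with a restored backup copy by file content rather than by modification time, so a changed file is reported even if its timestamp looks normal. The function names and the sample file names and contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a live web directory with a known-good backup copy.
# Output lines: "MODIFIED <path>", "ADDED <path>" (not in the backup),
# "MISSING <path>" (in the backup, gone from the live tree).
compare_with_backup() {
    live=$1
    backup=$2
    # Walk the live tree: report files that are new or differ byte-for-byte.
    (cd "$live" && find . -type f | sort) | while IFS= read -r rel; do
        if [ ! -f "$backup/$rel" ]; then
            echo "ADDED ${rel#./}"
        elif ! cmp -s "$live/$rel" "$backup/$rel"; then
            echo "MODIFIED ${rel#./}"
        fi
    done
    # Walk the backup tree: report files that no longer exist in the live tree.
    (cd "$backup" && find . -type f | sort) | while IFS= read -r rel; do
        [ -f "$live/$rel" ] || echo "MISSING ${rel#./}"
    done
}

# Constructed sample trees (hypothetical contents), so the script runs offline.
make_sample_trees() {
    root=$1
    mkdir -p "$root/live/includes" "$root/backup/includes"
    echo '<?php // login page' > "$root/backup/index.php"
    echo '<?php // replaced content' > "$root/live/index.php"
    echo '<?php // unchanged' > "$root/backup/includes/admin.php"
    cp "$root/backup/includes/admin.php" "$root/live/includes/admin.php"
    echo '<?php // not in backup' > "$root/live/includes/extra.php"
    echo '<?php // removed from live' > "$root/backup/about.php"
}

# Usage: script LIVE_DIR BACKUP_DIR; with no arguments, run on the sample.
if [ "$#" -eq 2 ]; then
    compare_with_backup "$1" "$2"
else
    tmp=$(mktemp -d)
    make_sample_trees "$tmp"
    compare_with_backup "$tmp/live" "$tmp/backup"
    rm -rf "$tmp"
fi
```

Empty output means the live directory matches the backup; any `ADDED` line deserves the same attention as a `MODIFIED` one, since restoring only the changed file would leave it in place.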
How do these kinds of hacks happen? Generally they’re performed by bots crawling the web with known exploits of popular and widely installed web software such as WordPress. I truly believe that two-factor authentication saved me from a much bigger disaster. After this incident though, I’ve taken the additional step of turning on HTTP Basic Authentication for the entire admin directory. This should help add yet another layer of protection.
WordPress is a great blogging engine, but if you’re going to host it yourself, you really need to stay on top of updates and good security practices. Personally, I’d never run my own WordPress installation without two-factor authentication installed. It’s not a native feature of WordPress unfortunately, but it’s easy to install with a variety of plugins. Enabling HTTP Basic Auth requires some basic terminal skills and understanding of Apache (the web server software). All of the things I use helped make a potentially devastating hack a minor inconvenience. Happy blogging!