I thought my site was hacked. It’s been hacked many times before. I have a dedicated server with over 40 websites on it. So, when I saw that this site was down, I quickly checked some of the others. One after the other the sites were down.
Yesterday I found some malicious code on this site and several of my other sites, including non-WordPress sites, but still PHP sites. I have one totally HTML site and that wasn’t affected. So, let me tell you what you do if your site is hacked. You can either go to a site like Sucuri or go to oDesk or Elance and hire an “ethical hacker”. This is someone who could hack into your site, but instead is using his/her skills to clean up your site after a hacking attack.
I have a guy in India I’ve used before. I found him on oDesk. I just posted a job like this:
Title: Ethical Hacker to Clean Up My WordPress Site
Description: My WordPress blog was hacked by
HaCkEd By Mr.MoRo MoRoCcAn HaCkEr
I need someone to clean it up.
I set the budget at $10. The average bid was $16.67 (which is $15 plus the oDesk fee). I had 17 bids in about 1 hour. Make sure you take someone with experience, excellent feedback and knows what he’s doing.
So, I went back and forth on my phone with my ethical hacker from oDesk. I was actually in shul (the synagogue) praying the morning prayers and writing to him over oDesk. I wrote him at 8.15 am my time and checked the messages again at 9.15 am when I was done praying (it takes about an hour for shacharit, the morning service for Jews). We went back and forth until around 12.3o pm. That took my through my morning learning (I learn Torah each day) and picking up a new cellphone for my wife and then doing the shopping with 2 of my (7) kids (on summer vacation). By the time I got to my laptop we decided it wasn’t a hacking but a problem with the server. I did a system reboot on the server and everything starting working again.
The guy was so helpful I’m going to send him $10 just for being there when I needed him.
So, here’s what you do if your site or server was hacked. If it’s clear it was hacker, i.e, it says on the site “Your were hacked by ME!” contact an ethical hacker or Sucuri. An ethical hacker is cheaper. If you’re not sure it was hacked, contact the host and try to resolve it.
Have you had a similar experience like this? Please leave your experience in the comments below. Everyone will benefit from you sharing your story.