My other blog was hacked

Feb 7, 2017 | online publishing | 0 comments

My other blog was hacked

My other blog, Vic.Pics, was hacked!
Luckily it wasn’t too bad. Thankfully I have regular automatic WordPress back-ups to restore from.

I’d logged into the site’s Dashboard and installed some updates, I then clicked on “Visit Site” for a quick look before I started working on the next post. I was shocked to see that the most recent post title had been changed to “hacked by NG689Skw”. Clicking on the post revealed that the text and image had been deleted.

I had been using two factor authentication, where I needed my phone to log-in, so how had NG689Skw access my WordPress install? Checking my settings revealed that my admin password hadn’t been disabled. Doh!

My hosting provider, Crazy Domains, offers automatic back-up of WordPress installs, so I was easily able to roll-back the site to the previous back-up. The next step was to try to prevent any further un-authorised access, so I also updated my settings, removing all password log-in methods.

The moral of this story is to ensure is to have back-ups of everything and use two factor authentication for your log-in. Make sure you disable the legacy settings, so a password cannot be used to log-in. That way you can spend more of your time writing and publishing.

This post contains affiliate links to my host provider, Crazy Domains.

← (previous in category) Back to work Coincidence, a new Mack and a new Mac (next in category) →

← (previous in timeline) Talking technology with my 7 year old daughter I've been driving a new Mack Superliner (next in timeline) →

← Back to work Coincidence, a new Mack and a new Mac →

← Talking technology with my 7 year old daughter I've been driving a new Mack Superliner →

Getting geeky with WordPress Hosting

Apr 1, 2016 | Site, Tech | 0 comments

I told you last month that I was looking around for new WordPress themes for my personal blog (this site) and Vic Pics. The trouble has been that my web hosting upload limit was 2mb, wich is fine for photos, but most half decent WordPress themes are well over that limit, so it was time for a fix.

WARNING: Geeky tech content below.

Some Google research revealed that to allow larger upload file sizes on my WordPress blogs that I would need to edit my pnp.ini file. Yeah-right, whatever that is. After a bit more research, I worked out how to find and edit my php.ini file, but hold on – it turns out I don’t have a php.ini file.

Checking my host provider’s “Help” pages I discovered I would have to create the file and then edit it with the correct details and then update the “.htaccess” line in the hosting files. Now I don’t normally like having anything to do with this sort of back-end code, but I gave it a go and wasn’t at all surprised when it didn’t work. Large files were still rejected with an error message.

What now? Try that other great research tool – YouTube. I found a good video that showed a php.ini file being edited, but the location was different (within the WP-ADMIN) folder instead of the Public_html folder that Crazy Domains said. So what I tried first was the code used in the video, typed into the php.ini file I’d created earlier as directed by the host’s help page. I held my breath as I tried again to install a large WordPress theme… and it worked, YAY!

So if you are with Crazy Domains and want to increase your upload limit, do this;

Follow the Help pages and search for a php.ini file in your File Manager, Web Root (public_html)
If you don’t have a php.ini file, create one in the public_html file
Edit the php.ini file and enter the following lines and Save
upload_max_filesize = 128m;
post_max_size = 64m;
safe_mode = off;
Find your .htaccess file and add the line below and Save
SuPHP_ConfigPath /home/username/public_html/php.ini
Keep your fingers crossed as you try again to upload that large file to your web host!