My other blog was hacked

My other blog, Vic.Pics, was hacked!
Luckily it wasn’t too bad.  Thankfully I have regular automatic WordPress back-ups to restore from.

I’d logged into the site’s Dashboard and installed some updates, I then clicked on “Visit Site” for a quick look before I started working on the next post.  I was shocked to see that the most recent post title had been changed to “hacked by NG689Skw”.  Clicking on the post revealed that the text and image had been deleted.

I had been using two factor authentication, where I needed my phone to log-in, so how had NG689Skw access my WordPress install?  Checking my settings revealed that my admin password hadn’t been disabled.  Doh!

My hosting provider, Crazy Domains, offers automatic back-up of WordPress installs, so I was easily able to roll-back the site to the previous back-up.  The next step was to try to prevent any further un-authorised access, so I also updated my settings, removing all password log-in methods.

The moral of this story is to ensure is to have back-ups of everything and use two factor authentication for your log-in.  Make sure you disable the legacy settings, so a password cannot be used to log-in.  That way you can spend more of your time writing and publishing.