I work with several web pages and yesterday in my process of answering email I was supposed to refer to information on one of my websites. But, as I opened the web page it was all white with this simple text visible to visitors: „hacked by hacker”
Never in my life have someone hacked any of my sites, so this was something new. Where do you go to find information on such things today, to Google. So I typed „hacked by hacker” into Google and within seconds I realized that I am not the only one suffering from this hack attack. This seems to be a general attack on certain server types around the world, very often united by the fact that they use the Cpanel software. My web page also had Cpanel (while all my other sites which do not have Cpanel did not suffer from similar attack), so this might be correct.
Since the web page we are speaking about uses WordPress I was afraid that the hacker-attack would harm my database with all information, texts and posts. Luckily the hacker attack did not harm these at all, but I had to do some minor work for things to get back to normal again. Step number one for me was to delete index.php/index.htm/index.html from the root directory of the web page and after that add a new index.php file from a working WordPress installation. After that the same thing needed to be done with the index files in the WordPress theme folder. So I therefore deleted the index files from the WordPress theme directory and then got hold of a working index.php to the same theme from somewhere else. After this the webpage got back to life, but no links worked at all. What happened? Somehow the attack also got onto my .htaccess file, so the permalink structure made by WordPress did not work. So I found a similar .htaccess file from another page with the standard WordPress coding for this file, and after this it all started working again.
The question is though if the page has been made any safer? Will the site stand the test if this hacker or another hacker would return… I guess not, but who knows?
I survived my first hacker attack and „hacked by hacker” is history, at least for now. If he returns I will let you know, and maybe I should consider doing some security updates to my WordPress site.