So, as the old saying goes, “ye shall update WP in a timely fashion to avoid being hacked” or something like that, right? Of course I’m kidding, however those of you that visit frequently may have noticed the odd posts a few days ago. Indeed, while playing in the real world (and not paying attention online) my blog was hacked – twice. Ouch. Thankfully, the impact was minimal, and easily resolved. Although there’s definitely a little bit of egg on my face. 😉
How did I get hacked?
If you’re curious how my blog was hacked, I’ll tell you in a few short words. I waited to update my WordPress installation. Yep – simple as that. As a long-time user of WordPress, I suppose I’ve grown a little jaded and try to schedule update sessions into my weekly routine, but this time it bit me in the backside. Not once, but twice. Double ouch.
First, a kinder “white hat” hacker invaded the content of my next to last post, reminding me (in an amazingly cordial fashion) to update my WP install. Too bad I wasn’t online paying attention, eh?
Second, a less-than-white-hat hacker took over my most recent post – along with those of what seems to be hundreds (if not thousands) of other users. I’m not going to keyword-bomb this post, but whomever was at the root of the infiltrations definitely had things moving at a nicely automated clip to hit so many so fast. As a note, tens of millions of users blog with WordPress, so if something happens to the community as a whole, it’s usually pretty easy to find some help.
A few updates and the blog is back to normal – although I haven’t yet restored those posts (if you’re a keen follower keeping score).
Always update your WordPress in a timely manner.