This is like a story in a movie to me.
Who would have thought a website like ours could get hacked… Seriously.
We are so small and so insignificant… What do they benefit from this? I just don’t get it.
Yup, thit is what happened.
First, we got a notice from WordPress saying that there was a problem with an app that we had installed. We tried to sort things out by logging in and removing the app that was supposedly causing the problem, but I got an error message saying “Invalid password” again and again and couldn’t get in.
We were like, “aye yai yai,” you’ve got to be kidding me!!!
At one point, we gained access to the site with the emergency login but we couldn’t get to the app list.
Then, a couple of hours later, we got an email from our server telling me that the site was compromised…We were like, “What?!,” and kept on reading the report. It said they found something suspicious in the WordPress admin files.
It said there were five files infected. We tried to fix it by following the instructions given, but it said, “It’s not 100% guaranteed that the problem would be gone by just removing the infected files as there might be some residue left somewhere deep in the other files, and the same thing could happen again.
What do you mean? There are no solutions after all then!! COME ON!!
We aren’t IT people. We are clueless.
Yeah, of course, we could’ve learned about it from step 1, but who knows how long it would have taken to fix it. Our site just displayed “access denied,” which is just simply awful.
After all the emotional rollercoaster, we made an ultimate decision, which is to delete everything from the server and create everything from the ground up.
It wasn’t too much of a hustle to make the pages for a lesson and textbooks as we had some drafts, but the blog… yeah, the blog posts from back in 2019 and on…
Also, we lost the list of blog subscribers… But don’t worry whoever subbed to our site as the list was privately managed and had nothing to do with the infected WordPress files. It’s all good. BUT! As we had to delete everything from the server and restart everything, we had to say bye-bye to the mailing list. How sad… UNSPEAKABLY SAD!
But what we learned from this is 1) update the site more often, 2) backup data, and 3) just move forward. There were things we felt needed to be updated and fixed but we just left them untouched, so this is a great opportunity to fix them up. Not only bad came out of this experience, but also good…. but bad is much more than good… but well, we should stop whining because we can’t go back in time!! So, well, here we are now.