Monthly Archives: June 2010

My wordpress blog got hacked!

Suddenly two of my blogs could not be viewed. It was blank and another one display the “Warning: Visiting this site may harm your computer!” when browse with Google Chrome.

What I did to recover..

1. Remove the injected script in infected files (this can be checked in the error log file)

2. Login to my wordpress and export all content and save it on my PC

3. Download all my images in wp-content/uploads folder

4. Totally remove the wordpress

5. Do fresh installation with latest wordpress version available in Fantastico

6. Upgrade wordpress to latest version available with auto update feature

7. Make sure I don’t use “admin” as username for my blog and password at least 8 character long consists of aplhabet, number and special characters.

8. Install only neccessary and trusted plugins and themes. Immediately update plugins if new version available

9. Import all the files with import feature in tools

10. Copy back all the images to wp-content/uploads folder. Better check first to ensure no unwanted files in the folder.

Other than that..

1. Scan PC for virus and malware

Kill those malwares/virus

Lots of new virus and malware nowadays. Keep your PC safe with these tools

AVG Free

Malwarebytes Anti-Malware

Another thing, try avoid using Internet Explorer. Google Chrome can better protect you from infected websites.

If you are using open source application like wordpress. Ensure that

  • you are using the latest version
  • your password is secure with at least 8 alphanumeric character with mix of special character and lower/upper case character
  • you are using 3rd party plugins/themes from only reliable sources
  • if possible try remove standard footer and header generated by the application (please read the terms first)

Other tips

  • Don’t login to your web application in public and unsecure place or PC’s like in cyber cafe etc
  • If you suspect your account was hacked, immediately change the password and inform your system admin or hosting/technical support

Updated: Don’t eve save password in FTP client application like Filezilla. They save your password in flat file and easily read by any other application

Create a printer-friendly page

Easiest way to create a printer friendly page is by creating another css file. What I did is just removing the heading style.

CSS (save the CSS file as style-print.css)
#header is id for your header (div or table)

1
2
3
#header {
   display: none;
}

In HTML add this line

1
<link rel="stylesheet" href="style-print.css" type="text/css" media="print" />