You might think of gardens and even garden blogs as little zones of quiet in the hubbub of life beyond. But try as you might the outside world always seems to find you. Some of the dark forces in the world found this blog and tried to mount a quiet takeover in the form of the WordPress Pharma Hack.
Diana of Elephant’s Eye was the first to notice when several weeks ago some of the search results for this blog were being hijacked with an offer to buy pharmaceuticals online without a prescription. My blog? Pimping Viagra and Tramadol? How rude. The situation continued to get worse as more results showed signs of the hack, and reached a point in Google Analytics where the word “pharmacy” was indexed twice as frequently as the word “plant.” I had no idea what was happening.
Eventually I tracked down the offending hack. Better yet there were several sites showing ways to make the beast go away. Fortunately this wasn’t the sort of hack where all the data vanishes, and at no point were any readers harmed by visiting these pages. But removing the problem required a lot of time checking out individual files and database entries in the secret inner sanctum files behind the scenes.
If you blog at WordPress.com or Blogspot you’re probably safe from ever encountering this. Both services have tech staff way more on the ball than I’m able to be.
If you host your own instance of WordPress, as I do, then you need to be on the lookout for it. The Pearsonified blog offers some useful ways to deal with the attack, as do several other resources. Just search for “WordPress pharma hack.”
At this point I think I’ve got it beat. Results on Google still show a few offending search results, but overall things are looking better as the robots spider through the content. So recovery from this hack is like recovering from a bad bout of the flu.
Some handy things to avoid getting hacked, or to quickly find out about a hack with it if you are:
- Blog at one of the main blog platforms unless you have a need or desire to exert more control over your blog content, display or delivery.
- Google yourself frequently, and Google your blog content. It’s not just for vanity anymore.
- Keep your WordPress version current. Updating will take less time and hassle than righting the wrongs of a hacker.
- Check your blog stats often. A big dropoff in traffic might signal a big problem with the blog.
- If you see another blogger’s content being hijacked, point it out to them. The symptoms of this attack are invisible if you’re just viewing pages or writing content. It’s only when you use a search engine that you notice this particular hack.
So…hopefully that’s the end of this headache. Relieved of the need to figure out the prescription for the problem, I actually accomplished some gardening today–and blogging too. Life is much better now.
Stay safe!
Just read a big story in our local paper about debit card fraud, and now this. Yuck. Glad you’ve got the know how to get things right!
That’s awful. Glad you’re back!
I’m sorry I didn’t mention it sooner. I wonder if this will help your feed problem at Blotanical. I cannot pick your posts there. But that might just be one of the glitches Stuart is busy sorting.
OK – I just tried, and yes, you are now pickable. Have a look at your Blotanical plot ;~)
That sounds like a real hassle. You have my sympathies. Reminds me it’s time to back up my database again and probably do a few other chores on my blog.
I like the illustration with the pills and flowers.
Oh gosh, James, it sounds like a nightmare. It sounds as though you learned a lot about hacking in the process of getting this sorted out. I’m glad you’re back, and thanks for the tips on what to look out for.
To put it bluntly, James, that sucks! I’m glad that you’ve (hopefully) resolved the problem. So much more gratifying to garden and blog than to waste time and energy unhacking a hacker.
Thank you for the information on keeping up with potential threats, and welcome back.
And your photo illustration for this post is just great.
Sorry to hear you were hacked. The streets are getting safer than the internet.
Now, back to the good stuff: plants!
I see you are experimenting with a favicon.
Thanks to you mentioning me here, you have bumped me up the Icerocket rankings! But I am still behind you ;~)
Yeah, I saw the pharmaceutical description next to a google search of Lost in the Landscape. Sorry, but I clicked the “block all results” feature before I knew what I was doing. In any case, I searched soenyun and discovered your incredible photographs! It’s always fun to discover a different side to a blogger.