Yesterday was not a good day.
You may have noticed that yesterday morning, your website was not working. October 17th.
Overnight, a virus, hacker, or payload package went off.
My server was classified as compromised by Google, and it was suspended.
- When I got up in the morning to work, I could not access any websites.
- I was able to access my server but it was not running.
- And I did not have the ability to restart it.
Once I contacted Google, it took about two hours for them to allow the server to be restarted and ten minutes for me to remove the possible offending website.
So what happened?
Somehow, someone was able to get a file on my server that then went active and started to send bad emails.
I checked email logs and found nothing.
I did check my virus logs and found nothing.
To be safe, I deleted this website.
Within a few hours, I had the server up and running, but I had a few unhappy customers.
The importance of being up to date.
The website I deleted was an inactive one.
It was running old software and old plugins.
I think this is how the hackers were able to inject a payload into this site and cause this problem.
Every week.
Please, make sure every week that you check your website for me and make sure all the plugins are up todate.
In my case, I have two updates that I need to run.
When you have logged in to your dashboard, it is a simple task of clicking on updates and running them.
There may even be WordPress update to run.
If you have any questions, contact me.
Zombie Websites.
This may not have been a person.
Old websites can become infected with a payload that goes out and finds other old websites like themselves and infects them.
These then become zombie websites. They act and operate just like a website, even still showing the pages of the original website, but they also seek to find vulnerabilities like they had and infect more websites.
All of this is computer-to-computer.
WHY?
The zombie website then might try and go phishing.
They will send emails to people saying, maybe, their gcash account may be at risk to check; please follow the link. Or PayPal, or some other account. But this is a lie.
Follow the link and it looks like you are at gcash, or PayPal, when really, you are at the zombie website.
You put in your username and password, and the websites say, ” It’s okay; your account is safe.”
But now the hackers have your gcash username and password.
Yes this is an increadiable pain.
And this is why I am so serious about security.
Not only did my server get attacked, but I got taken down for a day working to fix this.
At one level I was very fortunate that I was not travelling. Also on checking, I did not appear infected
That I had a good internet connection.
And could do all the things I needed to get the websites running again.
Also, that after checking it would appear that nothing bad had been able to get active.
Please prayer,
I need to be skilled.
I need to keep ahead of the hackers.
I need to keep you safe.
I want to educate you so nothing of the internet can find you or your website hackable.