About three weeks ago my blog got hacked. My landing page showed a single page telling me that the site got hacked. It had an email address for me to go to for help. The hackers wanted me to pay to protect my site. I had my hosting provider clean up the mess for me and i started asking around at DP. The hackers who got into my site were basic noobs trying to make a name for themselves in the hackosphere. They were small time so the fix was pretty simple. I did some research on the guys who did this to me and found it to be some Brazilian website. Did a whois search and kept digging. The sad truth is that things like this happen when you run a website. Its a pain in the ass but there really isn’t a course of action. Its not worth time and energy trying to get the hackers. The best thing to do is to protect your blog. You can buy software and install it to your server or if you’re a cheap bastard like me, just blanket it with some simple tips.
1. Make sure that you disable all anonymous ftp access.
2. Constantly be changing your passwords and check your logs every once in a while.
3. Change the file permissions. 755 should be changed to 644 etc
4. Talk to your host about security.
The fourth tip is an important one. Many bloggers don’t spend enough time with the tech guys of their host. Its good to understand the basics of how your site is run on the server side. Its all very overwhelming in the beginning but once you start talking to the tech guys you will start understanding piece by piece.