So I go to one of my websites the other day and I get shocked to find out my site has been hacked (actually several of them were).  Unfortunately, I have to take part of the blame for this.  True, the bozos that did the hacking are at fault.  But, if I had heeded my own advice (the title of this post), the situation probably would have been avoided.

You see, there are many good things about using open platform software—at the top of the list of course being that it’s free.  However, the open platform also affords those unscrupulous dirt bags the opportunity to find ways to hack your site.  Two of the most popular open source platforms are Joomla and Wordpress, of which my sites (including this one) are constructed.  In my case, it appears the hackers got in through the Joomla side, altered some of my index.php pages and changed my Joomla password.  Fortunately, I was able to get my sites back to normal—though I would have preferred not to spend that time fixing things.

Why do I say it’s partly my fault?  Because the version of Joomla I was running was several iterations old and I should have updated before now.  I’m usually good when it comes to keeping my software up to date.  But I have to admit I’d become a little lax on the Joomla end of things.  I hadn’t even realized there’d been five updated versions released since the one I was using.  Believe me, that won’t happen again.

Because of security threats, along with other fixes and enhancements, Joomla and Wordpress are constantly releasing updated versions of their software.  However, while Wordpress automatically notifies you in their dashboard about available updates, Joomla does not—so you have to periodically check their site to see if there is a new version.  Most of my sites are in Wordpress, but I like some of the functionality and modules available with Joomla so I use it for a couple of sites (including this one).

Although I have local backup copies of my sites, they weren’t as current as I’d have liked.  Since I was planning a Wordpress update soon, I was going to make current backups then.  Fortunately for me, my website hosting company was able to quickly restore my sites from their side (when choosing a web host, always check their backup and restore policy).  I quickly updated all software versions (both Joomla and Wordpress) and changed all my passwords.  And I also made my own backup copies of all my data.

While there are other security measures you may be able to employ, the best steps you can take are to make sure you have your own current backup copies of your data, have a web host with the ability to backup and restore quickly from their side, and make sure you have the latest updated version of your software.  Take it from me, I know now!

Last Updated ( Monday, 23 August 2010 10:46 )