The Travelista

  • Home
  • About
    • Collaborations
    • Press
    • FAQ
    • Contact
  • Travel
    • Destinations by World Map
    • Hotels
    • Airlines
    • Restaurants
    • Itineraries
  • Life
    • Yorkshire
    • Style
  • Motherhood
  • Inspire Me
    • Adventure
    • Beach
    • City
    • Culture
    • Mountain
    • Tropical
  • Shop
    • E-mail
    • Facebook
    • Instagram
    • Pinterest
    • Twitter
    • YouTube

My Blog Got Hacked

15/02/18 ᛫ 18 Comments

At the start of January my blog got hacked. Someone or something hacked into the site and infected it with malware, which basically means malicious software. I was at risk of losing my entire site and it was a huge reality check and learning curve for me. At the risk of sounding a bit dramatic, it was one of the most stressful things I have ever gone through with my blog and business, so I have decided to write a blog about it to help other bloggers make sure their sites are fully protected. I know there have been a number of bloggers affected by hacks recently and I really would hate for it to happen to any more.

The hack happened because my site didn’t have sufficient security and deterrents. It’s something I felt so stupid about at the time, but I guess it’s not something that is widely talked about in the blogosphere. I was blissfully unaware that my blog was even at risk, so maybe you are too? I love all the creative elements about running a blog, but when it comes to the tech side of it, I really struggle. This is the story of my blog hack.

The Story

It was a Sunday evening and Scott and I were relaxing at home after a really chilled-out day. I try to totally switch off from emails, blogging and social media on Sundays. However, that Sunday I happened to check my Instagram direct messages. There was a message from one of my lovely followers letting me know that the Google description of my blog was all in Chinese characters. For some reason, I didn’t initially panic or connect this issue with a hack. I just calmly replied with ‘oh thanks so much for letting me know! I will definitely look into it’. I’ll do it tomorrow, I said to myself.

It wasn’t until about 30 minutes later I thought about that message again and I decided to try and log into my WordPress admin page. I entered my details as usual, but it said my username and password was not recognised. The hacker had changed both of them, so I couldn’t access my blog. This was when the first surge of stress and adrenaline hit me. I then went to look at my homepage, which was displaying nothing more than just my logo header. Had I been hacked? How do I find out? How to I get back in to my admin panel? I spent the next 30 minutes or so completely freaking out, which was incredibly unproductive. Poor Scott was trying to help out by calming me down and Googling things on his phone. The truth is, we were both pretty clueless.

Cleaning Out the Malware

It took a while to find some rationale in my head. After the initial panic, I got in touch with Blue Host (my web host at the time).

I do not recommend Blue Host and I have since changed host providers.

They confirmed that my blog had been infected with malware and that they would need to temporarily close the site down to stop it from getting any worse. Secondly, then advised that I would need to find a third party company to clean out all of the malware for me. After getting advice from fellow bloggers, I decided to use a web security company called Sucuri. I paid just shy of $300 for Sucuri to do a full malware clean up and install a 12-month firewall on my blog. They explained that because my blog had been hacked once it was now vulnerable to future attacks. I didn’t know if this was true or just sales jargon, but it seemed logical. In the stress of it, I was willing to pay any amount of money to sort the problem and protect my blog going forward. To my knowledge, Sucuri managed to clean the malware out in around 9 hours (much longer than the quoted 4 hours in the sales pitch). After a £90 phone call to their USA helpline and day later, they confirmed that they had cleaned out all the malware and installed the firewall.

The hyper-sensitive firewall then opened up a whole new can of worms as it started to block users from accessing my site and leaving comments. This means my traffic totally plummeted for the days that the firewall was active. The issues with the firewall continued for about another 10 days following the hack, which just added to the headache. In hindsight, I had implemented a firewall which was way too strict and sensitive for my website needs. Sucuri was in no-way user friendly (unless you are fluent in tech language) so it turned out to be more of a hindrance than a help. The blog had gone from not secure enough to way too secure overnight. I needed help.

I do not recommend Sucuri.

Changing My Host

I know that ultimately I am to blame for the hack as I stupidly I didn’t have sufficient security, but I was really let down by the service from Blue Host in the whole debacle. Firstly, they did not alert me in any way about the malware. I had to approach them and ask them to check my site for me. Secondly, they had not been taking backups of my site, which was a huge miscommunication in itself. Thirdly, they’re based in the US and have no direct phone line. The only way is to get customer service is via a live web chat to someone who speaks in broken English. When you’re stressed out and in need of clear advice, this can be incredibly frustrating.

I have since changed host to an independent and UK-based host provider called Fred Bradley, who is a breath of fresh air and was a total god-send at the time. When I explained the situation to Fred, he pro-actively spotted that some malware was still in my blog. By this point it felt like the issues were never going to end and I actually lost trust in Sucuri as my chosen security provider.

If you are going through a similar issue, I 100% recommend Fred.

In the end I ended up getting a refund on the Sucuri service (minus $99 for the malware clean up) and have since transferred all hosting and security services over to my UK based host. Fred has been incredibly helpful has helped to secure my entire website as well make changes to help it rank better on Google.

I don’t think that this hack was a personal attack on me. I think it was probably more of a robotic hack that was seeking credit card data or email data. Unfortunately for the robot, neither are stored on my blog so it was a bit of a waste of time for everyone involved. What scared me the most is the fact it had accessed my admin panel, as it could have deleted my entire site. In the grand scheme of life this isn’t a serious issue. Nobody died and I managed to restore everything back to how it was. But this horrible experience definitely has made me realise the importance of web security, especially when your blog is your business and you’ve spent the last 5 years of your life growing it.

Total Cost of the Malware Hack

£72 – Malware Clean up from Sucuri (Initially paid $299.99 for the Pro Website Security Platform but got a refund due to the insufficent malware clean up and over-sensitive firewall. You can’t pay Sucuri for a one-off Malware clean up which is why I don’t recommend them)
£90 – Emergency phone call to Sucuri in USA
£37- BackupBuddy Annual Subscription
£60 – Additional Malware Clean up and Support from UK Web Developer
TOTAL: £259

I also paid an additional £120 to switch my web hosting to Fred so my site could sit with a UK Web Developer and host. This was optional but it has definitely given me better peace of mind about the security of my blog. If you are happy with your current hosting service, you wouldn’t need to do this.

What to do if you think your blog has been hacked or has malware

  • Change all of your passwords immediately
  • Do NOT do a back up if you think your site has malware as the backup will duplicate the malware. Wait until the malware has been cleaned out before backing up
  • Get in touch with your web hosting provider and ask them to check for malware
  • If malware is confirmed, you’ll need to pay for a web developer or security provider to clean out the malware for you
  • Follow the below advice to protect your blog going forward

What You Can do to Protect Your Blog / Website

If reading this post has made you think about your own blog security, here are a few things you can do protect your site;

  • Make regular backups of your website. I use a Plugin called BackupBuddy which automates daily backups and stores them online in a cloud if I ever need them.
  • Enable 2-factor authentication on your admin log in page. On WordPress, this can be done via a Plugin and phone app called Authy. A unique code is sent to your phone every time you try to log in.
  • If you have a self-hosted WordPress blog, you can change your generic admin log in URL to something completely unique, so hackers can’t find it
  • Ensure your blog has an SSL certificate (this will benefit your SEO and security)
  • Install the free Sucuri plugin for additional security measures
  • Seek advice from a web developer to check that your blog has good protection

If you’re still reading this, then thanks for sticking with me! What did you think of my hack story? Have you had a similar experience or has it made you think twice about your own blog security? I would love to hear your thoughts so please leave me a comment in the box below. Jess x

18 Comments

Related Posts

  • 3 Morning Rituals to Improve your Mental Wellbeing
  • The 10 Commandments of Travel Blogging
  • A Mother-Daughter Day out in Leeds
« How to Spend 24 Hours in Doha
Everyone’s Talking About: The Dakota Deluxe Leeds »

Comments

  1. Matcha says

    16th October 2019 at 4:59 pm

    Thanks for the tips as my blog is posting random blog entries on nothing related – house cleaning, ice picks, dogs! oh no. I will try some of your suggestions and pray it will help!

    Reply
  2. marvenniffi says

    6th November 2018 at 7:09 am

    For beginners and experts as well, this guide is useful for both because nowadays due to heavy hacking attacked, people need to secure their websites and your post is written accordingly.

    Reply
  3. Adriana Kupresak says

    2nd March 2018 at 10:11 am

    Oh my goodness what a nightmare! I’m glad it’s all sorted out now.
    I understand what you said about bluehost, their customer service is terrible, very unhelpful.

    Hope you have a wonderful year ahead Jess xx

    Reply
    • Jess says

      5th March 2018 at 11:08 am

      Thanks Adriana! Such a relief to have it all sorted. It’s interesting you’ve also had a bad experience with BlueHost. Nobody wants to feel like they’re talking to a robot! Human service is what they lack. Wishing you all the best too xx

      Reply
  4. Dianna says

    19th February 2018 at 6:41 am

    I’m so glad you were able to save your blog! How disappointing on Blue Host’s end though… considering you must have been using them for years and their handling was below expectations =(

    Dianna <3

    Reply
    • Jess says

      20th February 2018 at 6:05 pm

      Hi Dianna. Thanks for your lovely comment! It was definitely dissapointing service from Blue Host even though I was hosting with them for about 4 years so they lost a very loyal customer. X

      Reply
  5. Soujanya (@thespicyjourney) says

    17th February 2018 at 7:38 am

    OMG that sounds like a nightmare. I have been blogging for only 2 months now and can’t imagine losing my data. Thank you for an eye opening post! I’m happy that your issues got resolved 🙂

    Reply
    • Jess says

      20th February 2018 at 6:07 pm

      Thanks Soujanya, it was a total nightmare! Especially with all the content I had created over the years. Hope the post has helped you to make sure your own blog is protected x

      Reply
  6. Jet says

    16th February 2018 at 9:49 am

    That is terrifying; it would be dreadful to lose so much work, glad it was ok in the end,

    http://www.jettravels.co.uk
    J.e.t
    X

    Reply
    • Jess says

      20th February 2018 at 6:08 pm

      Thanks Jet, it would have been awful! I feel very lucky to not have lost anything. I am super paranoid now but all the security measures are now in place! X

      Reply
  7. Tina says

    16th February 2018 at 7:33 am

    Thank you so much for this post. It makes us aware that we should protect our sites better.

    Reply
    • Jess says

      20th February 2018 at 6:08 pm

      Thanks Tina! Hope this post has helped you to make sure your own site is protected x

      Reply
  8. Angie Silver (@SilverSpoonLDN) says

    15th February 2018 at 8:45 pm

    I’m so relieved it’s all fixed now.

    Reply
    • Jess says

      20th February 2018 at 6:08 pm

      Thanks so much Angie! So am I 🙂

      Reply
  9. Laura says

    15th February 2018 at 7:09 pm

    Oh gosh Jess that sounds so stressful! I’m so glad you got everything restored In the end. This post will be so helpful for anyone who experiences the same thing xxx

    Reply
    • Jess says

      20th February 2018 at 6:09 pm

      Thanks Laura… it was so so stressful! I feel lucky to have been able to restore everything, especially with no backups. Hope the post helps others x

      Reply
  10. Pamela Haack says

    15th February 2018 at 11:33 am

    Thank you so much for sharing your experience and your suggestions! It’s awful to have this kind of thing happen when you depend on your blog or website for . your business. Hearing advice from someone who has gone through it is very helpful. Thank you!

    Reply
    • Jess says

      20th February 2018 at 6:09 pm

      Thanks for your kind words Pamela. So relieved that it’s all sorted now and glad it has home in handy for you. x

      Reply

Spark a conversation! Cancel reply

Jess is an an award-winning UK travel blogger based in North Yorkshire, providing you with inspiration for both local and global adventures.

Read More

Looking for something in particular?

Subscribe

Never Miss a Post!

Latest Posts

Mediterranean Cruise Itinerary: Visiting 6 ports in 7 days

Family-friendly glamping in the Lake District with Feather Down Farms

An Indulgent Escape at Columbia Beach Resort, Cyprus

Follow on Instagram

What can I say, ya gals a foodie 😝🍴 #trave What can I say, ya gals a foodie 😝🍴 

#travelfoodie #eattheworld #globaleats #worldeatery #eeeeats #worldfood
Hello 2023! 🤍 A clean page, a fresh start. I h Hello 2023! 🤍 A clean page, a fresh start.

I had too many words about 2022 for a caption, so I’ve put them all into a blog post. 

My “2022 year in review” is live on The Travelista. It’s a longer, personal blog post about lessons, learnings, achievements and travels from year just gone, as well as my hopes and goals for 2023. I’ve put a link on stories for anyone interested. 😊

Wishing you a healthy, happy, adventure-filled New Year ✨

Photo: collecting shells on Cleethorpes beach during Twixmas 🐚
My 2022 travel recap ✨ 17 destinations across My 2022 travel recap ✨ 

17 destinations across 9 countries. My son stepped foot in 3 new countries and I got to bring him on 6 trips with me, including his first cruise. Wow ♥️

I’m finding a new rhythm for travelling with (and sometimes without) a little one and can’t wait for what’s to come in 2023.

Whether you’re new here or you’ve followed my journey for years, thank you so much for being here, for every like, comment and share. It is this amazing, supportive and loyal community that has enabled me to quit my job this year and return to doing this full time again post Covid. 

What was the most memorable place you’ve visited in 2022? ♥️

Where I went in 2022: 

Abu Dhabi
Cyprus 
Marbella 
Bruges 
Amsterdam
Guernsey 
Lake District 
Newcastle
Edinburgh 
Whitby
Lake District II
Almuñécar
Barcelona 
Gibraltar 
Marseille 
Rapallo
Florence

That’s a wrap! See you in 2023 🎥
A little snapshot into our Christmas, the first on A little snapshot into our Christmas, the first one in our new home, blending our families and hosting for 9. ☺️🥂 Hope you all had a lovely day 🎄

Merry Christmas from my family to yours ♥️.
Before I sign off for a little Christmas social me Before I sign off for a little Christmas social media break, here’s a festive photo dump of the past week + sharing my favourite poem🕯🎄🥂

Featuring 

➕ A lunch to @bettys with the girls. Making a new tradition. 
➕ A family visit to @castle_howard for their spectacular #IntotheWoods Christmas experience. Phenomenal. We go every year and it just gets better and better.
➕ Carols by candlelight at our local church - magic - but so many layers because the heating was broken!
➕ Dust if you Must by Rose Milligan. The perfect tonic in the (potentially stressful) build up to Christmas. 

We are hosting family this year and I’m excited! I’d love my house to look like a festive show home but it doesn’t, and that’s ok. (I have a 4 year old making mess twice as fast as I can tidy it). 

Fellow hosts, don’t be so busy ‘dusting’ that you miss all the little moments of magic! I’m reminding myself of this too. Swipe to read the poem and you’ll get it. ♥️

Wishing you a perfectly imperfect Christmas 🎄 

Love Jess x
ad Come with me and my Mum to do some last minute ad Come with me and my Mum to do some last minute Christmas shopping at @junction32. 🎁 

We are all feeling the pinch this year with the rising cost of living, so I set myself a challenge to find gifts for under £30. By shopping at outlets like Junction 32, which has over 80 brands offering up to 60% off the retail price, your money truly does go so much further. ♥️

What gifts I bought;

✔️ Slippers from @radleylondon RRP £40 J32 Price £20
✔️Himalayam charcoal gift set from @thebodyshop RRP £36.00 J32 Price £29.50
✔️Wax cheese wheels from independent retailer @themousehouse_lincoln £3 for £16
✔️Children’s cutlery set from @procookuk RRP £10 J32 Price £7

As usual J32 had some brilliant items on offer and a huge amount of choice, even this far into December.

Have you got any last minute Christmas shopping to do? I think I am finally done! 🛍 

#outletshopping #junction32 #junction32shoppingcentre #j32 #yorkshireoutletshopping

Subscribe

Never miss a post! Subscribe for Travelista updates and newsletters

The Travelista on YouTube

  • 3847likes
  • 19680followers
  • 9865followers
  • 2060subscribers

Copyright © 2023 · Design by Gatto

Copyright © 2023 · The Travelista on Genesis Framework · WordPress · Log in

  • Privacy Policy
  • FAQ
  • Contact