Recovering from a Pharma Hack

Last month (June 2012), I was the victim of a vicious pharma hack. This isn’t the first time my website was hacked, but it was definitely the worst. It’s been tough, but I’m prepared to talk about what happened, how I fixed the problem, and what I’m doing to recover my business.

What Happened?!

The Initial Signs…

Around May, my traffic started to peter out. I expected this as it happens every year. The combination of Mother’s Day, Memorial Day, and general “preparing for summer” tends to make people forget my website exists. It’s the same drop in traffic I experience right before the “big” holidays in the winter. It’s completely understandable.

However, when things didn’t pick up again when they usually do (about mid-June onward), I started to get worried!

What was going on? Did I do something wrong? Did people just not like me?

What happened?!

Strap in. This is a long one.

How I First Saw the Hack

AKA Why My Phone is Magic

Blackberry Curve to the Rescue!

It was just pure luck/chance that I finally saw the damage done to my website.

I was out and about and I wanted to see if my latest post had uploaded all right. Since I wasn’t near my “real” computer, I checked it on my phone…

…And that’s when I saw it.

All over my website!!

“Buy Viagra!”

“Buy Wellbutrin!”

OH NO!!!

None of this could be seen from my computer browser, but, for whatever reason, it was visible to my phone. And, unfortunately, to the Google robots.

What the Robots Saw

AKA How My Website Became a Google Pariah

My worst fears were becoming my horrible reality: Google hated my website.

I was nowhere to be found when I typed in the keywords I have previously been ranking well for. And when I typed in “littlezotz.com,” Google came back with the message “This website has been compromised.”

I knew for sure that I wasn’t imagining what I’d seen on my phone when Google Fetch returned with the same results.

I felt horrible.

I not only felt humiliated, but I was filled with all sorts of anxieties. Not only was this hack warding off future clients, but I’d betrayed the trust of my current clients! When people come to my website, they expect a safe friendly experience–not an advertisement for boner medication!

In order to protect my readers, I hit Facebook and Twitter to warn them away. And I put my site into Maintenance Mode.

Website Security

The True Cost of Being Cheap

I have a confession: I’m incredibly cheap.

I’ve been called a “miser” by close friends.

In fact, the original reason this Blog has hand-drawn illustrations with every post is because I was too much of a skinflint to pay for stock photos! (Just my luck that the illustrations caught on! …And I happen to like drawing them).

It’s partly my personality, partly from growing up poor, and partly something completely beyond my comprehension. Maybe I read too many Uncle Scrooge comics as a child. Who knows!

So when I read in WP Pro Simple Security that I could get website security with a few free plugins, I installed them, dusted off my hands, and moved on with my life. DONE!

…But free plugins can only go so far…

I hit the WP Pro Business forums and asked for guidance. Adam Warner himself signed on to assist me.

Free plugins from trusted sources are a great fundamental step in preventing  website hacks, but “no website is completely safe.”

I was going to have to invest in something more heavy-duty!

Sucuri

How My Website Was Saved!

Per Adam’s suggestion, after I couldn’t get rid of the hack on my own, I signed up for some website security at Sucuri.net.

Sucuri Security

I couldn’t believe the services these guys provided! AMAZING!!!

Not only did they believe me when I said there was a problem (unlike my webhosting service–and I’ll get into that in a moment), but they were able to fix the problem WITHIN HOURS!

They were friendly, professional, and went above and beyond the call of duty. I asked a ton of questions and they answered every single one. Without treating me like an idiot.

Not only are they scanning my website every 4 hours, but they provided me with several new ways I could protect my website on my own in my spare time.

They also wrote into Google on my behalf and got my “compromised” status removed!!

Wow.

That picture of their logo is actually a link to their website. Go get yourself some of their awesome security. I’m not kidding! I hate spending money, but they are worth EVERY PENNY of the $89.99/year they’re asking for–and more!

Changing My hosting Service

AKA Why Green Geeks is Terrible

When I first started my website, I asked a fellow writer friend which hosting service she was using. She turned me to Green Geeks and, at $4 a month with unlimited space, I was sold. (This goes back to my being cheap…)

However, there were problems from the start.

I have a huge list of grievances with this company, but my main one is this: Their customer service is TERRIBLE.

They have a live chat service, but, unless you’re talking to “George,” it’s completely useless. Every time I asked a question, their response boiled down to “figure it out yourself.”

When I was hacked the first time, I let them know, and I (stupidly) asked for help. Their response was telling me “don’t tell anyone your password next time” (I DIDN’T!) and giving me a form letter with a list of “prevention steps.” Nearly every time I spoke with these people, they were evasive at best and downright rude at worst.

When my site was hacked again last month, I went to them again–not expecting help (HA!), but wishing to warn them in case my website compromised anyone else on their server.

They reacted with annoyance, told me they didn’t see anything wrong with my website (even through I provided them with screenshots of my Google Fetch results), and proceeded to bombard me with an advertisement for their own “website security” service. Which I thought was tacky, and a little suspicious.

That was the last straw.

I’m currently in the process of changing my hosting service.

I’m moving my site over to Rydia.net.

I didn’t use Rydia originally because I thought they were for artists only, and that they didn’t host WordPress sites. Well, while they do cater mainly to the artistic community, they do host WordPress sites now.

For their customer service alone (You’re awesome, Dormando!!), I would recommend this host. That, and my significant other has been using them for over a decade with no problems.

The Aftermath

“Come Back, Everyone! It’s Okay Now, I Promise!”

I mentioned at the beginning of this post that my traffic took a major hit.

Here are some screencaps of my Google Analytics results, as compared to previous months:

That faint sound you’re hearing is the sound of my quiet sobbing.

My traffic was less in June overall, but the big gap of “zero” was after Google had blacklisted me and during the time I’d put my site in Maintenance Mode.

OUCH!!

That’s going to be hard to recover from.

Moving Forward

Looking on the Bright Side

On the bright side, in the time that I thought my traffic had dropped because of something I had done personally, I made a lot of improvements to my website. And even though I know now that my traffic drop wasn’t from something I did, I’m going to  continue to improve my website!

My website has an overall cleaner look, easier navigation, more information, and is just overall…better.

I also used the time without my website to submit to magazines, work on my poetry, and create a brand new buffer of Blog posts–for this very Blog!–that I think you’ll really enjoy.

I’m truly sorry about what happened.

Please come back?

Related Posts:

Tagged with: , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Freelance Life, Freelancing, Freelancing Advice, Uncategorized
4 Comments » for Recovering from a Pharma Hack
  1. Great article Lauren, I know this will be helpful to other users in knowing how to deal with a hack…it’s no fun that’s for sure and having services like Sucuri behind the scenes is something any site owner should strongly consider.

    Glad I could help a bit too:)
    Adam W. Warner recently posted..Why I Started Outsourcing and How I Manage Our TeamMy Profile

  2. Sorry you went through all of that, Lauren! How horrible… But I’m glad everything is up and running again!

    And I agree: your website looks very clean and sophisticated. Great choice!
    Holly Shaftel recently posted..The Mediterranean Cruise Chronicles: Part VIII (More Pompei photos)My Profile

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

CommentLuv badge
Let’s Connect!
100 Best Websites for Writers Lauren Tharp: Guest Expert FWA Podcast

DIY Writing Resource Best Free Resource 2012 Best Free Resource 2013 OBAW-Contributor-Badge