Hackers crashed my business

That’s right 1 silly mistake crashed my business for 4 days! No I’m not talking about just one of my websites, I mean all of the ones I have on my 1and1 webspace.. Fortunately I have other online business on alterative servers so I didn’t lose everything, but the majority of my online products and blog were gone in the space of a few hours!

Let’s begin with a short story of how it all happened

Monday night I received an email from 1and1 hosting to alert me there had been a malicious file uploaded to one of my websites. This website was currently under construction and had been for a few months due to alternative products and ventures taking precedence. I was offline at the time, but I checked my sites such as this blog, the Bloggers Roadmap, Product Development Control, eBook Cycle, Dan Sumner where I have all my recommends affiliate links (All of them) and a couple of other blogs and squeeze pages. Everything was ok, so I thought it had been contained in the domain that wasn’t ready. No big deal I told myself! (Epic fail!)

I woke early in the morning on Tuesday and logged on as I was a little concerned to what end of damage these files had done to my Video Training product. What did I find? Well what came next was very bad indeed, heart stopping bad! I found a blank white page with ‘Access Denied’ in the left hand corner? I tried logging in to my admin panel – no good! Then it hit me.. What about my other sites?

As I went through the domains of the sites on my webspace, I found they all displayed the same text ‘Access Denied’, ‘Access Denied’, ‘Access Denied’, ‘Access Denied’, ‘Access Denied’! It was at this point panic set in.

Ok, what was I to do. When this happens you need to think logically and try to diagnose the problem, so I called 1and1 for support. At first they were very helpful and told me that I should change all my passwords for login, databases, email, FTP, site admin and any other online related passwords. It was at that point I asked what about my sites? 1and1 told me their security team would be in touch shortly. So I was stuck for a few hours while they looked into it. 12 hours actually!

Late Wednesday night, 1and1 send me a file with all the corrupted links, over 600 corrupted files. Whatever had hacked me had spread like a virus across my webspace and disabled all my sites completely. Just my luck as I had just released my first podcast (check it out if you missed it).

The next day I called the 1and1 security team for a solution to my problem. This is where it all went wrong!

I asked the customer service guy what to do, he didn’t know? I asked him for a backup of all my sites, he said they had been corrupted in the backup and that was no good. Then he suggested I delete all my webspace and start again! For some reason he put the phone down? I must of offended him..

I tried again, only to hit another roadblock, which resulted in this particular member of the security team asking me if I had a web developer with me. To which I responded I never, then she said to me “well I think you should get one!” For some reason she put the phone down? I must of offended her..

I was tearing my hair out literally, so I had one last ditch attempt at 1and1 tech support who said a backup would be with me in 24 hours time. Completely disheartened and very low, I put the phone down without any real help to why I had been hacked, how to fix it or where to turn. 1and1 did actually try to sell me a security package, but said they couldn’t fix the current issue. So once again I was left where I started in my own business, with nothing and no help! Time to get busy!!

With everything broken, I took at look at my webspace and the accumulation of crap I had on it. I looked at what was making money, what I used and what I could use. I created a criteria like this:

  • Profitable
  • Future profits
  • Trash

I set to work removing everything I had, creating a cleaning house! Domains were cancelled, emails removed, blogs removed, members area’s removed, AdSense sites removed, old products removed. I basically cleaned up my webspace, and was left with my core, profitable business. Everything that wasn’t making money or building my mailing list was now gone or redirected.

I had already spoke to Dan Thompson of D9 hosting about a move when I was up and running again. This is now in the pipeline and should be transferring shortly. This is all due to the complete lack of support from 1and1. After 8 years of hosting, this is how much customer loyalty means? No thanks I’ll move on, I obviously mean very little.

My next step was my good friend and tech wiz Dave Nicholson. Dave is a genius when it comes to web code. I know a little about coding and building blogs and websites, but Dave is the Jedi Master. I sent some files and within about 5 seconds diagnosed my problems. I had 600 files to fix! So I set to work and 16 or so hours later! My site sites are back again! I am behind now on daily tasks, so if you did email me sorry I will get back to you.

How to avoid this type of disaster and what you can learn from it

The rules are simple. With the invention of push button websites, such Optimize Press and WordPress security flaws are more common that ever. So you have to be vigilant and stay on top of all your sites.

1. Update the sites you run, the ones you don’t use or need any more delete them from your webspace. Back them up by all means, but don’t leave them to hacker back door attacks
2. Update all plugins and wordpress versions
3. Use a security plugin such as Better WordPress Security
4. Back up your site regularly or use a backup plugin if you use WordPress, use a backup plugin. I would still download your server once per week to be sure
5. Get a good hosting service who WILL support you with your sites and place them on separate control panels to minimize damage
6. Try a third party security team such as Sucuri to help you

The bottom line is, don’t leave yourself open to corruption. As much as you may think it’s not going to happen to you. It can and it will if you are not super careful. Times are changing when it comes to websites and done for you technology and that means security issues. When you are relying on websites, themes and plugins created by different development sources, updates are not seamless which can lead to security holes. Be careful.

As well as the above, I do recommend evaluating your business once per month. The simple tasks such as:

  • Cleaning up your webspace
  • Managing your mailing lists
  • Removing what isn’t working to free up time for what is
  • Trying new ventures to improve your business
  • Moving forward

Please take note of the last three items from that list. You can’t do these if your webspace has been hacked. Take care of your websites and webspace the right way and it will run itself.

I hope this post helped and I hope my experiences help you in the future.

Subject for comments – what are you doing to protect and manage your business. Do you evaluate your businesses?