It turns out that a number of monster error_log files appeared in several directories on every site. They mostly came from sources that had ‘.ru’ (Russia) and ‘.ua’ (Ukraine) suffixes. Hmm.
After much searching and looking for solutions (folks at my hosting company, D9Hosting, helped a ton), I took many, many actions to beat those ne’er-do-wells.
My Multi-Pronged Strategy
- Moved all subdomains to stand-alone cpanels on my vps (virtual private server at drdennisclark.com).
- Changed all passwords to something so strong that I don’t remember them (wrote them down, though).
- Changed all header.php files to ‘read-only’ in File Manager directories at my WHM.
- Installed and repeatedly ran Wordfence security plugin.
- Got rid of ALL plugins, then reinstalled them from fresh downloads. (These little chunks of software are the major gateway to hackers invading WordPress blogs.)
- Deleted all blogs that I no longer maintain (down from 14 total, to 9 now).
- Bought, installed, and customized a Genesis Child Theme (Lifestyle Pro) from StudioPress, at least on one blog so far. More to go.
- Actually attended a WordPress Meetup group to see what I could learn … mostly found out that folks there spoke php, Joomla, etc., more than they spoke English. Or at least it seemed like it to me.
- Found out what a bad idea it is do delete databases without backup. Dang!
- Yelled and screamed at my computer a lot … very refreshing.
- Applied and reapplied (successfully) for reinstatement by The Mighty Google.
In the midst of all this, Cox Cable started playing games with my connection speed promising a gazillion Mbps and actually delivering a gnat’s fart fraction of that. Sometimes I wonder how long a business can stay in business in spite of such rampant skullduggery and outright incompetence.
Switched to Century Link … same story, although I got my connection speed back up to an acceptable level. Changing anything to do with technology always presents a challenge, so that took a couple of weeks (and a great deal of persistence from my bulldog sweetheart browbeating service reps) to finally get everything working right: laptops, router, modem, ‘smart’ (actually pretty dumb) TV, notebooks, phones, etc.
I swear, the stress of all this is the root cause for my golf game going to hell. At least that’s my story and I’m sticking to it. No chance it could be blamed on deteriorating athletic ability at all, right?
Anyway, I feel better about everything now. Malware and malicious code rarely pops up anymore. I still have a LOT of work to do to generate new, clean databases on each new cpanel, without losing all the content I’ve put out over the past several years. This is not something I am looking forward to.
The Crown Royal Solution
Well, this isn’t so much a solution to all the new technical challenges from getting hacked. Nevertheless, whenever the frustration got to me too much, I’d just take a little sip – or sometimes a big swig – of Crown Royal. Sometimes this helped soothe things a bit, and sometimes I took enough sips that I just didn’t give a crap.
Then I’d go out and play golf.
Take that you Russian gangsters!