hacker

Hacked

by

Introduction

As I announced on Facebook, Thinking Torah was hacked about ten days ago.

I thought it would be worthwhile to write a few words about the whole event and my thoughts about the experience.

Join the Thinking Torah weekly newsletter. Click here for details.

What Happened

I don’t intend this post to be a complete history of the event. I’ll only include the details that I think may be of interest to Thinking Torah readers.

There were times when I was completely befuddled about what was going on. I can now look back and understand all of the events.

Besides Thinking Torah I own about a dozen other websites. All of them were developed in an attempt to make money.

As often happens with business ventures, not all of them are successful. That is certainly true about some of these websites.

Those that were not so successful I was not paying close attention to.

One website used a theme called Optimize Press version 1.5. Some hacker discovered a flaw in this theme that allowed them inject malicious code into several files used to run the website.

You can read more about the form of this hack on Sucuri.net.

Once the hack injected the malicious code onto the first website it was then able to spread the attack to all of my other websites that were on the same hosting account.

I use a program called Word Fence on all of my websites. Word Fence periodically scans a website to detect problems on the website.

As necessary Word Fence sends me an email to let me know what problems it has detected. The problems range from notices about parts of the website that should be updated to potential attacks against the site.

One Tuesday morning my email box was filled with messages from Word Fence. The messages were all nearly identical. They told me that files on my websites had been changed.

It took about ten days to figure out what was going on.

During this time, all of my websites seemed to be working properly.

Then I heard about a friend who was experiencing problems with one of her websites not displaying properly.

Rick Anderson from BYOB Website discovered that her website had been hacked. I had the interesting experience of watching a live webinar as Rick Anderson went through all the steps need to restore her website. [UPDATE October 2023: BYOB Website is no longer online.]

It became clear to me that my websites were suffering from the same hack.

Recovery

The way to restore a website from this hack was fairly straight forward.

The first step was to backup all of the information about posts, pictures, and comments on the website.

Then all of the Word Press related files were deleted.

Then a new, clean copy of Word Press was reinstalled on the website. After that all of the posts, pictures, and comments were fed back into the website.

As part of this process, I decided to completely delete three websites. It was time to admit that these websites were not profitable and likely would not be in the future.

Thinking Torah

I needed to go through the same process of backing up, deleting, and restoring with Thinking Torah.

However, the restoring process was not so simple.

On Thinking Torah I’ve been using a theme called Weaver. I liked Weaver a lot. It gave me the ability to control almost every aspect of how the website appeared to the public.

The company who developed Weaver have “updated” the theme and it’s now called Weaver II. I’ve been aware of Weaver II for some time, but wasn’t so happy with it.

I’ve been thinking for some time that I should switch Thinking Torah to a different theme. I wanted to take some time to experiment with various design elements, work out how I wanted the blog to look, and then make the switch at a convenient time.

None of that happened. I had to delete the copy of Weaver that was used on Thinking Torah. I couldn’t keep it since it was possible that the hacker had injected their code into it.

However, I didn’t have access to a new, clean copy of Weaver that I could install on the website.

I don’t like Weaver II so much. Also, I could not find a way to import the settings from Weaver into Weaver II. That meant it would take a lot of work to move the blog to Weaver II.

I decided to move Thinking Torah onto the Thesis theme. This is a theme that I use for many of my other websites, so it was pretty easy to set it up for Thinking Torah. [UPDATE: I no longer use Thesis theme. I’ve now switched to Generate Press.]

Lessons for the Future

An experience like this is a chance to learn lots of new things.

Here are some of my lessons.

I’ve decided to simplify aspects of my internet business. Like I said, I decided to abandon some websites completely.

With other websites I’ve simplified their structure so they will be easier to maintain in the future.

I also know that when Word Fence tells me certain files have been changed to take that message much more seriously than I did this time.

Also, I’ve learned about another security tool that makes it even harder for bad guys to hack me. The tool is called Bullet Proof Security. If you have a website, check out this free tool.

[Update: It was pointed out in the comments that it sounds like I’m suggesting Bullet Proof Security as a replacement for Word Fence. No. In fact, they work perfectly together and do different things to protect your website. I’m using them both.]

[Update October 2023: I no longer use Bullet Proof Security. I still use Word Fence and highly recommend it.]

Why?

I’ve told my story to several people this week.

The most frequent question I get is, “Why would someone hack a website?”

Here are the four reasons I’m aware of:

1. Some people do it for fun or just to prove that they can do it.

2. Some people do it because they want to damage the website. That doesn’t seem to be the reason for this hack.

3. Some people do it because they are trying to access members personal date. Think Target.

4. Some people do it because they want to harness the website to send spam email messages.

There’s nothing I saw that suggests this hacker was interested in destroying my websites. I also don’t think I was specifically targeted.

Midda K’neged Midda

We know from our tradition that one of God’s principles for running and judging the world is midda k’neged midda. Essentially, as you have treated others so will you be treated.

Of course, I have no way of knowing who was behind this hack.

All I do know is that this experience caused me hours of wasted time as well as much confusion, anxiety, and heartache.

I am confident that whoever did this will experience all of these things in their life, too.

Just One More Thing

I’ve been trying to make sure that everything is working on this blog now. If you find anything that’s broken please leave a comment!

Photo Credit: from Flickr – altemark

A Note on the Translations
You will find brief biographies of Torah commentators here.
The translation of Bible verses is based on the Judaica Press Tanach.
The translation of Gemara is based on the Soncino Talmud.
Click here to grab your copy of my free ebook How to Learn Chumash with Rashi.

4 thoughts on “Hacked”

  1. Shlomo, I’m sorry to hear of this disaster. Things look clean here now. I’m fixing a few things on the What’s Your Problem book. Not as easy as it seemed but it should be rectified in few days.

  2. Hey Rav, sorry to hear about your troubles!! But it looks like you learned a lot and are bouncing back quite well 🙂

    Out of curiosity: how did you arrive to the conclusion that Bulletproof Security plugin is better than Wordfence?

    • Hi Mosheh:
      I understand that what I wrote implied I was abandoning Word Fence. I just added this to my post to clarify things:
      [Update: It was pointed out in the comments that it sounds like I’m suggesting Bullet Proof Security as a replacement for Word Fence. No. In fact, they work perfectly together and do different things to protect your website. I’m using them both.]

Comments are closed.