Websites maintenance

Reading Time: 3 minutes

Cherlynn’s website was hacked on Boxer’s Day. She messaged me while I was about to pack up and leave school for dinner with a friend, saying that she could not access her WordPress backend as usual. I went into overdrive and access to her cPanel directly. I did not have the site checked out until I saw this:

Screen Shot 2012-12-26 at 8.56.59 PM

The user_email had been changed. I had it replaced with an email under my control and reset the password through the WordPress system instead of changing the user_pass directly in phpMyAdmin. When I logged into the site, the first thing I noticed was this:

Screen Shot 2012-12-26 at 9.00.53 PM

 

I immediately took down the site and had the index.php file replaced with a maintenance message. I was hungry and so was my friend.

Moving on, I had no idea how they did it. The only sign was that it was hacked about 6 hours earlier. The only file I could detect a change was index.php in the active theme folder. There was no raw logs for me to see. It was my fault since I didn’t have it enabled when I helped her setup the site years ago. So I did what I could: I replaced the core files if there were any unwanted changes, and I had old, obsolete, unmaintained plugins removed or replaced, unless I had seen the codes and understand what the codes are doing.

This sparked me to doing maintenance on my site too.

Screen Shot 2013-01-02 at 3.11.20 PM

It was running terribly slow. I had too much bloat in the system. The only saving grace was that this site is hosted on local soil, fast enough, but slow nonetheless. I ended up removing competing plugins, cleaning up database, and implementing cache, CloudFlare. It also indirectly sparked me to hack the Facebook plugin.

Screen Shot 2013-01-02 at 2.54.17 PM

If I was lazy or missed a step, there would not be a featured image to display in the og:image tag. This hack would allow a user to specify an image to use. Still a work-in-progress since I have yet to test out the hack. After the test, a pull request will be made to the git and hopefully, my name would be on the contributors list. Heh.

And oh, I don’t like it how the plugin gets the full size of the featured image and list it in og:image. It should at least be gracefully degraded from thumbnail size if the thumbnail size is not at least 200x200px. Preferences, I guess.

Robert has just graduated from Singapore Management University, School of Information Systems. He studied Analytics as his second major. To keep himself occupied in his free time, he takes up projects that interest him.

Leave a reply:

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.