Some of you may have noticed that my blog and portfolio sites were down yesterday following an attack by hackers. I was delighted to find out today that the attack was actually on my host company, Namesco, rather than specific to me, and they have now restored all affected sites using recent backups. You can read a statement about the attack on their site.
When I first noticed the attack, my immediate assumption was that the hackers had exploited a vulnerability in my WordPress installation. My response was to remove the blog entirely and restore the affected index.html file on my root directory (my portfolio homepage). I intended to reinstall the blog last night, but in the end did not have time. And it’s a good job that I didn’t, given that the host company restored the sites their end this morning.
I actually only thought to contact my host company this morning when I spotted this thread on a forum, where someone reported the exact same attack which I had suffered. The suggestion there was that it was the result of a wider attack on the host, and when I contacted Namesco to check this, they confirmed it to be the case. I replied suggesting that it would have been nice if they had told me this as soon as they spotted the problem, saving me a lot of time and worry, but apparently that isn’t possible (see below).
Anyway, I’m back in business and all is well. The experience has given me cause to think again about security issues, and I plan to look more closely at WordPress security soon (this attack had nothing to do with WP, but it wouldn’t hurt to beef up security nevertheless). Look out for more on that soon.
EDIT: The reply from my host company, saying that notification about such problems isn’t possible:
With this type issue its not possible to contact customers about this. The reason for that is that the servers that hold the domain names do not have a record of the hosting account / customer account to which they belong to in the control panel. Also as not all sites were affected the time it would take to determine which customers had been affected, and then identify their contact details would pull recourses away from resolving the issue.
There are a number of websites / companies that will monitor websites for you (some free and some paid for) like site uptime.com, totalnetworx.co.uk which can alert you should the site go down. Its worth pointing out however that depending on how they monitor the website false alerts are possible.
Accordingly, if anyone can recommend a good monitoring service, as per the above suggestion, I’d be pleased to hear about it.