As you may read from my last post, early this month I found that someone had hacked and redirected my blog to other site. As soon as a visitor landed at my blog, they would hear few clicking sound, then being redirected to another site in China.
I managed to remove the redirect codes then went to post few questions in Problogger Forum. I got a very nice suggestion from Paul Cunningham on what will he do if it were him, once he concluded that my site had been hacked. Paul said:
The problem is now you can’t trust your blog to not have a back door left in it for future attacks, even though you’ve updated. A recent exploit left a hidden admin account on victim’s blogs so that the attacker could get back in.
I thought it really made sense, so I followed Paul’s suggestion listed below by doing these steps one at a time:
- Change my web hosting and FTP passwords
- Backup my /wp-content folder
- Backup/export my blog posts
- Do a complete site backup (via CPanel if thats what your host provides) – this backup is just in case you need it later on, its not for restoration purposes because it will include the hack
- Blow away my blog completely (after you’re 100% sure your backups above are okay)
- Reinstall WordPress with freshly downloaded files and with a new mysql database
- Restore all my blog settings, choosing a different admin password this time
- Thoroughly check my theme before uploading and activating it (if its a premium theme download a clean copy from your provider)
- Reinstall all my plugins via WordPress so that they are definitely hack free
- Restore my backed up blog posts and uploads folder
However, I made a big mistake — I didn’t verify if my backup was okay before blowing away my old blog.
Here are my excuses:
- I didn’t deleted all the files in the wp-content folder but simply changed the name of the folders then blocked visitors’ entry to the default page.
- I thought it would be easy to copy those files back in case if I need any of them later. Furthermore,
- I also have the WPAU backup files when I updated the WP to 2.9.1 last week and I thought all the files would be there in case I need them.
- I also have tested and recovered all the postings from the exported XML files using WAMP Server and everything seems to be okay.
It wasn’t until late last night (or early this morning should I say), I found that some files got lost in transfer when I moved files across all the folders. I then remembered the backup files and ran into the second problem.
Everytime I clicked to unzip the backup zip file, I got this error message saying: “Window has blocked access to this file to help protect your computer” as shown in the pop-up window below:
Indeed I clicked on the link in the pop-up window and it took me to the help page, saying that if I’m certain that I trust this file and want to open it, then follow the instructions below.
- Save the file onto your computer.
- Click Start, click My Computer, and navigate to the file that you saved.
- Right-click the file that you saved, and then click Properties.
- Click Unblock near the bottom of the dialog box.
Unfortunately it took me nowhere. I then spent time searching for the answer online on how to solve this problem but failed. Finally I decided to repair the blog manually. After all, I got all my postings except the last one about Dr. Michelle Basutti that was missing. Actually Dr. Basutti’s story was in the last XML file I exported, before I upgraded the WP. But it would take a lot of time if I want to extact that file alone ( unless you can tell me how 
).
What I still need is to reset the appearance of the blog, update the header, checking my adsense codes etc. Again, this is another time consuming process. That brought me to think, maybe its time to start with a totally new blog.
The question is, how to export single file instead of the whole blog into my new blog?
There are many posting, such as Dr. Shu’s fight against cancer etc., that I think would be very useful to my readers. I’d like to keep these old posts in my new blog.
Also, if I would like to implement the lessons I learn in 31DBBB, I think doing it in a new blog would be easier to watch than this one.
Any suggestion on how to export single file or what to do next would certainly be appreciated.
Popularity: 12% [?]
