Blog pains. No DR plan.
I planned to spend a leisurely week writing articles for my blog since we were on vacation. A vacation without activities planned, just the type I wanted/needed. We were flying away to spend the holiday weekend with Hubby’s uncle but also have a wedding to attend the following weekend, just two hours away. So we decided to stay put until the wedding.
I looked up my blog in google and noticed some spammy-like text associated with my blog. “Google’s got a problem” was my first thought. Then my second thought was to check out other search engines. So, to yahoo I went. Then msn. Same thing. These search engines seemed to see my blog as spam. IMPOSSIBLE! I don’t have any spammy posts, do I? I’ve received maybe 2 or 3 spammy comments over the short lifespan of the blog and I promptly deleted them. So what could be happening?
I looked at my blog in the browser. Nothing looked unusual. I checked out the source code page. If you’ve got Internet Explorer 6, go to the “View” menu and click “Source”. Nothing immediately apparent. So I did a search of a common spam word, not expecting to find anything. But BAM! There it was. My blog looked like a pharmaceutical for men with problems! There appeared to be more spam text than all the legitimate text on the blog.
I logged on the admin console to see figure out how to eliminate this spam. Could I have uploaded an infected wordpress theme? I wondered. I found the rogue text in the header file and I promptly deleted it. All of it. Problem fixed? Not so fast. The following morning, it was back. Obviously it wasn’t an infected wordpress theme. I was using an outdated version of wordpress.
As I said in my very first post, I first planned to create this blog in 2006. I installed wordpress but never used it. Two years later, I begin to use it. During that time, vulnerabilities have been found and fixed. Never versions of wordpress have been released. And mine was 2 years out of date. And terribly flawed.
Unfortunately, I’m sans FTP tools at the moment and unable to perform my wordpress upgrade. I don’t even know that I want to be performing wordpress upgrades. I just want to blog. Yes, I can handle the techie stuff, but I don’t really have the time. I would rather use that hard-to-find time to write my articles, and of course, read other blogs.
I host on <a href=”http://www.1and1.com”>1and1</a> and they do have a hosted wordpress blog. So I activated that and needed to move my posts and comments over. Not so easy since the wordpress version 2.0.5 that I was using did not have an export feature.
I activated the backup plugin but couldn’t figure out how to use that to restore to a new blog. I ended up setting my RSS option to 40 posts, enough to account for every post I have, save the xml file and import that into the new wordpress blog. Then painstakingly, I edited the Post Timestamp for each one to match the time of the original post and then published. One by one, 33 times.
This is obviously not a fun nor efficient way to do disaster recovery. I still have to figure out the easiest way to restore my comments. It may also be manual but I don’t have many comments at this time.
First thing obviously to do now is to create a backup of my posts. With the hosted wordpress blog, I am not expecting too many problems. I expect the host to keep the software appropriately patched. I however feel very limited in my options. I can’t pick the theme I want. I don’t have access to my wordpress folders. I can’t edit the theme. I can’t add scripts to my source code. I can’t, I can’t, I can’t do the many things I’m not doing now but may one day want to do and want to be able to do.
Given how I’m feeling about the hosted blog right now, I’m likely to go back to managing my own. I’ll have to keep up with wordpress news, keep informed of new vulnerabilities, keep my code patched and clean. Goodness! Maybe I’ll just move over to blogger. Whatever I do, I’ve learned my lesson and a good disaster recovery plan will always be part of my blogging toolkit.
<strong><em>Helpful links</em>:</strong>
<a href=”http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/”>A blog post about securing your wordpress blog</a>
<a href=”http://codex.wordpress.org/Upgrading_WordPress”>How to upgrade your wordpress blog</a>
