Monday, April 29, 2013

Salvage

Today, my website exploded...

Too dramatic? Okay, let's dial it back a bit. It started last night when, out of curiosity, I search for my own website on Google. Actually, I searched for myself, but I knew my website should pop up in the results.

It did. With a warning. And I immediately knew why.

At some point, a bit of code attached itself to my website. I don't think it's especially malicious, except that it draws spam to the site, and tries to attach itself to links in the description on social media. On a couple of occasions I've had to actively removed the description to prevent the code displaying.

I searched through my site, but I could never find it.

Today, I decided to search everything. Everything. Unfortunately, beginning at my hosting site was probably the worst decision I could have made. It said I didn't have Wordpress installed. That made me worry, that maybe the code had done something. I clicked 'Install' through the host...and lost everything.

So, that sucked.

I panicked, I clicked 'Uninstall', it fixed nothing. In fact, I was left with literally nothing. Not even a Wordpress site without anything on it.

Damn.

I went to FileZilla. I tried fixing the site manually. Over an hour passed, no progress made. I panicked even more. I Googled everything I could think of to try fix it. Eventually, I decided to try add Wordpress to the site again. I downloaded the most up to date version, because my older files didn't seem to be doing anything.

And boom: the site was back. I still had my posts. I calmed down.

Except... well, I couldn't actually access any pages. And that damned code was still there. I could see popping up as my website got back on its feet, pages not loading quite so quickly as they should. I snarled. In my head, I snarled. I would get it yet, just as soon as the website was functioning.

Google, again. Getting annoyed. Permalinks, that was the answer. And dammit, I made it work. I made the damned thing work.

There was only one thing left to do: wipe that damn code off my site, once and for all.

I went to the Editor in Wordpress, reserved for editing the Theme. I didn't care: I knew what I was looking for. I had seen a word of the code pop up over and over again. I searched for it on every page in the Editor, and finally, there in the Header file, I found it: a massive block of text and HTML links, a beacon for spam bots, a paragraph to paste itself onto social media descriptions of posts from my website.

I killed the bugger, claimed back my site.

It's all calm now. The site isn't dangerous - never was - but that code was there. It was more of a bother for me than for anyone else. Want proof? Google have a diagnostic check: http://www.google.com/safebrowsing/diagnostic?site=paulcarrollwriter.com

It's all fine. Even back in  February it was fine, with the code on it. It wasn't malware, which was a relief to discover. It was just an annoying beacon.

I can stop being all dramatic about it, now, right?

No comments: