thomasirwin

2 of the sites were almost completely up to date. Many of the others were not. I had the same password on many of the sites which may have allowed the intruder to bounce from one site to the next.

Several things that concern me are:

The 2 site that were up to date I was working on constantly. So I was there and updating things as they popped up on the screen. There are no other people that have access to these sites…

All these sites had the same setup as I don’t know much about design and code. I found a way to make work what I needed to so I stuck with it. Though these sites were similar they had different plugins and shared the same platform (WordPress), the same template (Suffusion), and the same Host (HostGator).

I trust Suffusion… They always seem to be on top of things. WordPress is a solid company and so is HostGator. I actually just deleted many of the sites since the work to fix them is not worth it to me. I really think there may have been a breach at HostGator or through the back office like FTP or cpanel.

So I deleted everything I could just lose and all the ftp’s that were old and out dated. Passwords are all different now and are crazy hard to memorize or even type in. I installed WordFence plugin to monitor login attempts and set rules for attempts before lockout$.

Why do people do this? All this work and grief for what? Do they realize it will come back to them in the quality and joy of their lives?

Anyway, I still have problems and I am working through them. I will be backing everything up from now on. HostGator did spend some time fixing these things but it took me really complaining before they rose to the challenge.

I think that someone got in through cpanel rather than WordPress. Would be interested to see how many people had a similar problem in the end of May and beginning of June 2013!