A few days ago, Stratos’ Sphere was hacked, or “defaced”. I’m guessing that’s what it was, because the attached image was what visitors would see, instead of my blog. This was quite ironic, actually, since I had just attended a security seminar (at work) where the “I’m safe because I’m small” attitude was found to be one of the most frequent reasons leading to hacked sites.
Here’s my account of what I had done wrong to end up with a hacked blog and what I did wrong while trying to recover, which may help others to avoid this situation or to make a faster and easier comeback.
To set the premise, let me point out that my blog is self-hosted and that I’m using a shared hosting service. I have my own domain name and I’m using cpanel in order to manage the hosted domain. So, what are the lessons I’ve learned?