Buhay Bahay-Bahayan

Just in case you didn’t know, this site was attacked/hacked. My wife noticed it last week, when she tried accessing this site, which then redirected her to another site that warns visitors of a possible malware attack and then makes it look like it’s scanning your PC, complete with warning pop op messages. Those malicious sites are

www1.firesavez7.com

www4.suitcase52td.net

Of course I panicked!

It took months for me to find this theme. It took so much time and effort making it look halfway decent, researching plugins and a few tinkering here and there.

And since KG‘s site is a subdomain, it got infected too.

I searched online for ways to remove the malware, but most of the tutorials call for scrutinizing php files with malicious javascript injection and then removing the contaminated code. That sentence right there made me dizzy and sent me into a frenzy. php files. javascript. contaminated code. What the effing are these? I wouldn’t be able to tell which is the malicious code and which isn’t.

Since I don’t know anything about it. I did the only thing I knew. I exported our sites, praying everything will be there when I import it back. I then removed/deleted our sites from the main server (GoDaddy).

I’ve been in constant communication with my server’s customer service since day 1, and they’ve been very helpful. Further research led me to reports that it was actually my server (GoDaddy) that got hacked. The attack on GoDaddy apparently happened on May 1. And it took a while before it spread to their servers and thus affected websites hosted there too.

As of writing, about 8 hours ago, I received their latest report. They’ve checked and confirmed that my hosting account indeed had php files that contained a javascript malware injection (nosebleed!) and have removed the said codes.

I would like to ask everyone to please let me know if this site still redirects to another suspicious site. Thanks!

And to the hosting support staff Mike F., Matthew A., Pete H., and Christian P, thank you.

Special thanks to Mai and Glenda of Oodles of Goodles and Jo of Wits and Nuts.

First off, I want to say thank you to all the well wishers. I’m doing good now. Not 100% yet, but I feel so much better.

Ok. Now that we have that out of the way. :aie:

I’m a bit OC. When I get myself into something, I get obsessed, to the point that it actually consumes me. When I started this site, everything was new. It was my first time working with a WordPress platform, and I have no clue as to what it does and how I would use it. But I wanted to learn. There are so many things that I wanted to do. So I spend a lot of time exploring it.

One of the things that I wanted was to have that icon thing right beside the URL (aka web address). A few guys at the office are taking classes on programming and web design so I asked what that was called. They have no idea. Haha! Big help those guys are! After a few weeks of googling, I finally found what it’s called. Favicon. Now the problem is how to use it. I googled and experimeted with different ways. Some even needing me to install a code in the main template. Have you seen your site’s template? Real wacky stuff ain’t it! I was lost. I have no real concept of templates and codes, and css and php. Too technical!

But I had a breakthrough yesterday afternoon. I found a simple way to do it. Shockingly simple. It was a Cheers moment. :[

It’s called Shockingly Simple Favicon. It’s a WordPress plugin that you just install. Easy! Just like what I was looking for.

Read the rest of this entry »