Gremlins Ransacked My Website

After uploading my latest podcast, the last thing I expected was a total website failure.

A 500 Internal Server Error occurs when a web browser can’t access a website because of a problem with the code. Apparently, gremlins ransacked my website. But how? I have two-factor authentication, or “2FA” as they call it. I get a code sent to me whenever I login to my site. I send the code back and it verifies to the server that it’s me who’s logging in.

Puzzled, I contacted tech support. They responded quickly. But, the solution they provided was even more baffling. They said I needed to comb through thousands of lines of code and delete the malicious data. But it was important that I didn’t delete code that I actually needed.

Um . . . Ok?

I opened up a code editor for kicks to see if finding malicious code was something I could do. Not surprised, I had no idea what I was doing. None. The next day, I found a web company that advertised being able to fix general WordPress issues. I signed up for their service. They fixed the problem in about two hours for a reasonable price. Thank you, fixed.net.

The problem, as I learned, was that some of my plugins hadn’t been updated in a while. Un-updated plugins aren’t compatible with current versions of WordPress. I don’t understand how un-updated plugins are vulnerable to hacking, but that’s what happened.

Lesson learned, I guess.

TL;DR – Update your website plugins. The site you save may be your own.