For the second time, since we started PortfolioSitez.com, we had one of our servers hacked on Sunday. Our hosting company recommended we do a restore from backup to make sure there was nothing else malicious on the server that would allow them back in and we were able to successfully use a back up from our weeklies. These things never go as smoothly as we like and some information was lost for our clients on that server. If you have not yet read my post on backups please do and make sure to take your own whenever you can. This can be especially important for blog posts as those can be lost if any new ones are posted after our server backup is taken. Every post I write, I write out in Word to make sure I have a secondary copy on my computer and this may be best practice for you if you write a lot of blog posts.

We are unsure of how they got in but they only replaced our index.php files with their own image and no other information was compromised. They did not seem to be after any one person, they simply did it to prove they could and ruin a lot of people’s Monday.  We have taken new security measures on our end and we have a couple to recommend to ensure this does not happen again.

1. Update, update, update! Make sure you update your WordPress to the newest version as soon as they release it and any other third party modules, such as Machforms. These updates could help with any vulnerabilities that showed up in the previous versions.
2. Passwords! Do not use the same password for every aspect of your site with us. Change your password to the cPanel, email addresses and your admin frequently. Try to use passwords with numbers, special characters and capital letters intermixed.

We are aware it can be difficult to remember all of your different passwords but this is the best security habit you could pick up. I personally use eWallet on my Mac, to keep track of all my passwords, and it is awesome. It syncs with all my devices so I have access to my passwords whenever I need them. A free utility we recommend to our team is PasswordSafe. It does not sync with other devices but it is another great utility for keeping track and free is always good.

If you come across anything suspicious connected to your account or site with us let us know immediately; the biggest one being passwords changing without your knowledge. If you feel your site has been compromised in any way do not hesitate to bring to our attention.

On a lighter note, as we come into the holiday season we wanted to remind everyone we will be closed next Thursday for Thanksgiving. We are also running on half days next week since it is such a slow time for us and it allows us to spend much needed time with our families. We should be able to keep up our customer service standards but you may notice a bit longer of a wait on our responses for tech support. We will start a contest and sale next Monday so be sure to check back.