Last week, when I tried to access my website, I got an “Internal Server Error”. The same, when I tried to login or access my cpanel. The whole website was not accessible.
I contacted my hosting provider MacHighway (who are probably already exasperated with my constant support requests!), who fixed the issue, and my website was back online.
Curiously, when I tried to log-in, it did not recognise my username and password. I reset my password, and when I logged in – I found that my admin account had been replaced with a new user called “AnonymousFox_hfs”.
Weird.
When I asked my provider about it, they confirmed that my website had been compromised. After jumping through some hoops, I managed to remove “AnonymousFox_hfs” as admin, and setting myself back up as the site admin. I also reactivated all my security plug-ins, which I had – probably stupidly – deactivated in order to enable my blogging software to work.
Checking the site, I could not find anything out of order, so whoever hacked this website did not seem to get the chance to install anything nefarious (hopefully). All my posts are thankfully still there, too.
Anyway – that could have gone much worse.