Zen Cart Hacked – Rebuilding

At this point, in the story, the whole blooming hosting account and all associated sites have been made unavailable to the public (which is nice from a “do no harm” point of view), and it is apparent that both wordpress and zen cart were hacked, though on two separate domains–same hosting account.

I thought perhaps you’d like to know the names of a couple of the files used convert my sleepy little natural body care site into a phishing site feared and hated by Google, PayPal, BlueHost and phishing-site-cops.  They are easily found on the web, and you can even buy your own version!  I got mine “free”, but at some cost.

The two most dreaded files seem to be: update.paypal, and update.bofa/Unauthorized%20Verification%20Form.htm.  Update.paypal is a deal, at $20.   I guess Hackers have to make a living too, and without them a whole lot of internet security folk would be out of a job.

Other people it seems have had great experiences with BlueHost being helpful after their site was hacked, I’m not feeling the love.  But, so much of “Support” depends on who you get.  I particularly love the admonition to keep my finger always over the “update” button, while being blocked from updating the sites!  Not that the info on how to pro-actively secure a site wasn’t entertaining following a hack.  It seemed a little like being shown proper flossing techniques while getting fitted for dentures.  A bit late, and this is the time for drastic measures, not preventive steps.

Thinking it over, I think I’ll secure my as yet unaffected site, then begin the scorched earth cleaning and rebuilding process.  Here are some useful links for information on securing and/or rebuilding your MySQL / PHP driven site:

My Zen Cart was hacked – now what?

10 Ways To Secure Your WordPress Install

The links below may require a BlueHost account:

Google Flagged My Site as Malware

What can I do to increase my Site Security while hosting with Bluehost?

5 Sidebars and Random Images

All I wanted was five sidebars and a random images option. Is that too much to ask? Apparently, it is.

Having realized that there just isn’t a WordPress theme that does everything I want done, I got my tools in order for a little bit of DIY web design. Back to the drawing board I went. In my case, going back to the drawing board means getting busy with Sandbox and Google.

One great thing about the Sandbox theme, is that it is infinitely modifiable using only the stylesheet(s). CSS and I were not always besties, but that changed when I found the Web Developer extension for Firefox, thanks to a great piece on Lifehacker.

With this extension, CSS changes are viewable as you edit—no more changing one thing, uploading, refreshing, or fighting with a shadow copy of your site on a development server.

So, with my dream of five sidebars, or in the alternative four sidebars and a random images header option, I set about looking for the good news on how to make it all happen, on Google. I found this: Widgetized headers and footers?

- End of Part 1