In the wee hours of Monday morning this week, pcweenies.com went down. The words “Error 502 Bad Gateway” appearing on my browser seemed cryptic enough. This was followed by the even more cryptic “Error Establishing dB Connection”. I didn’t perform any site modifications, so I immediately contacted my hosting company (Bluehost). After a few failed attempts to resurrect my site, I went off to work. One tweet to my host, and one phone call later, I worked with a helpful tech named Nolan at Bluehost to figure out what caused the site to go down.
It turns out, something big.
Apparently, last month, the name of the SQL database login ID for pcweenies.com had been modified to an incorrect login value. This was very odd, as I have in no way, shape or form, ever modified this info after initially setting up my site. Who did it? I have no idea. Why did my site fail after only a few weeks, and not immediately? I have no clue. Even more odd was the fact that after we restored the database connection, I discovered that nearly all of my WordPress plugins had been deactivated. How did the hacker get in? One possibility is via FTP.
I don’t have any specific answers as to how this might have happened, but my suspicion is that my login credentials had been compromised by someone. I’ve since taken measures to ensure that it won’t happen again, but I can’t help but feel a bit vulnerable now.
What I’ve learned now is that it’s imperative to update your login credentials once every six months, even if it’s a pain in the rear.
With the site back online, Nolan pointed me to a very useful online resource called GTMetrix to help further optimize my site’s load times. Simply provide a URL and GTMetrix will run a battery of tests to determine areas where further optimization needs to take place.
After making a few fixes, namely adding “Expires headers” to my .htaccess file, I was able to improve my site’s score. Both browser caching and expiry headers reduce the number of HTTP requests, which improves the performance for your site’s returning visitors. With this one tweak, I’ve seen an improvement in load times. I’m still working through the list of fixes that GTMetrix recommends – although some of the fixes are out of my hands (some belong to the source theme I’m using for this site).
After restoring the site back to normal, I made it a point to clean out and delete any old WordPress plugins that I no longer need. Hopefully it’s smooth sailing from here on out.
-Krishna
Bob Harvey
May 12, 2016 at 10:17 am
Krishna said: “One possibility is via FTP.”
Krishna, do you use a traditional ftp utility to manage files on your site? As you probably know, ftp is insecure because it transmits your credentials in the clear. Any party watching the packets can ascertain your password.
One safe way and perhaps the simplest is to use an SFTP program. In OS X I have long used shareware “Transmit”: http://www.panic.com/transmit/
I highly recommend it if you are not already using an equivalent program that encrypts your logon text.
Note: ftp uses port 21 with the server. SFTP requires an alternate port, traditionally 22 by default. But many hosts allow or require another port for SFTP. Check with them and they will verify which one to use, as it must be input into Transmit or another SFTP utility.
Krishna
May 12, 2016 at 2:50 pm
Thanks, Bob. I have Transmit. I will need to use SFTP from now on.