Yesterday, I had been notified that my blog’s web pages sometimes contain malicious scripts. I had to shut down the blog and investigate the issue. Sorry for the inconvenience. I didn’t want to expose you to any threats.
The Unmask Parasites online service was not affected (it is hosted in a different location, and is very secure). It worked all that time. And during the investigation, my blog redirected visitors to http://www.UnmaskParasites.com
I’d like to thank Googlers (John Mueller, Oliver Fisher and Oxana Comanescu) who provided me with details about the issue. The malicious code had been noticed only in a small percentage of server responses (hackers don’t want to be unmasked). I could never reproduce it myself.
My blog is hosted on a simple shared plan since it doesn’t require anything fancy. I combed though my whole account and couldn’t locate any sign of the compromise or any alien code.
I contacted my hosting provider and provided them with all the information I had. They were very responsive and had been investigating the issue for the rest of the day. They took some preventive measures and added traffic filtering so I hope my blog is currently pretty much safe.
Anyway, you shouldn’t trust even sites like mine. Make sure you are browsing the web with a secure browser. If you are on Windows, consider using Google Chrome (it warns if a site references something from blacklisted third-party sites) or FireFox with the NoScript extension. With NoScript, you can enable scripts on legitimate domains that you visit, but any third-party scripts (and most website exploits require loading scripts from third-party domains) will be blocked.
When I have all the details from my hosting provider, I’ll review the issue.
Meanwhile I consider moving my blog from shared hosting to a VPS (virtual private server), so that I have full control over the things behind the scenes.
I’m not much of a sysadmin, so I’ll need some getting started tutorials about how to keep the server secure.
Can anyone suggest a supportive and reliable hosting provider with affordable VPS plans? I don’t need anything fancy: Apache, MySql, PHP, Wordpress. I guess 256Mb RAM would be enough.
It would also be great if someone could support Unmask Parasites and this blog and help me purchase a VPS.
Feel free to leave your comments here or contact me directly.