Posted on 11 March 2018

…is when your own website has been giving you so many problems lately. Yesterday I got a message from Google indicating some malicious code had been injected into my blog. It didn’t affect the way visitors saw it, but it was causing the search results to display in Japanese characters for some hotel if you were viewing it through a search engine.

Given various other problems I’ve been having– weird RSS feed behaviour, an inability to properly redirect http to https– I decided to go for a WordPress uninstall and reinstall. First of all, I backed up my site as described here, downloading the entire wp-content folder and sending out an .xml file of my posts, pages and categories.

Then I deleted the thing which, even though I knew it was backed up, was pretty scary. I reinstalled via the Bluehost dashboard, figuring that using their version of the site might help in the future if I had to work with their tech team.

Uploading the wp-content folder back took a while, but went smoothly. The .xml import using WordPress’s built-in tool was a little dicier, because I kept getting a “405 not allowed” error which made it seem like it wasn’t going to work. But, just as I was googling around for a solution, I saw that my page was populating and it looks like everything is here!

The only real problem at this point is the spaces between paragraphs haven’t rendered on all my imported posts and the only solution I’ve been able to find is to manually go in and hit “enter” again. I’ve only done it for posts I’ve written in 2018 plus a few of my more popular back-catalogue ones so far and I’m not sure if I will actually go through the effort of doing it with all the rest at this point.

The good news is the clean reinstall seems to have solved all my other issues– my RSS file is behaving as expected, any attempt to access an http page takes you to the https version of that page, and as best I can tell my site is not advertising Japanese hotels in any way shape or form.

So, what have I learned out of this?

1. Be more cautious with plugins. When I started doing this, I didn’t realize that plugins wouldn’t necessarily keep up with new versions of WordPress, or that they could be a potential way for hackers to disrupt my site (which I’m not sure is what happened, but is a possibility). From now on it’s going to be ongoing trusted developers primarily. This will also help with transferring from theme to theme.
2. Make backups. I was good about this for a while, but then it lapsed. I was lucky that my problems were fixable without losing content, but that very well could not have been the case.

Had I followed these two steps I probably wouldn’t have been having the troubles I have been. So I hope none of this discourages anyone from creating their own blog, but simply acts as a cautionary tale of the steps to take to do it properly!

Filed under: blogging