It has been almost 2 months since my last post. There were a lot of things happening during that period. Mostly involved my main website, mount-kinabalu-borneo.com.
It started with my text-link-ads php script which was not parsed properly on my static html website, which was then penalized by Google. For about a month, mount-kinabalu-borneo.com was invisible from Google search engine. It hurts, but I learn a lot from it. I am not sure why it happened, but I believe that my webhosting server did someting which leads to broken php scripts on the website, which invloved all other php scripts to run the website properly.
Because of that, I forced myself to look into upgrading the website engine. Old mount-kinabalu-borneo.com was created from scratch, using WYSIWYG HTML generator, Kompozer/N|vu. All pages of the website were static. It means that I have to hand code every pages if I want to make any changes. I am not good at using CSS by the way.
After researching for few open source content management system (CMS), I end up with modx, because it is the only cms that could give me friendly URLs for each and every generated page. They have a very good website structure, similar like the old mount-kinabalu-borneo.com, and their templates were also easy to understand. WordPress and Drupal were high on the list, but was not a good candidate, as I cannot get friendly URL for their static pages with a .html at the end. I need that .html suffixes on the URL because it will be the same structure with my old website. I just don’t want the backlinks from other websites broken with a new URL structure.
During this period of time, the website got hacked. Some script kiddies managed to get through my servers and installed a virus, which leads to injection of an iframe script on each and every page of the website. Apparently the script that they injected linked my website to a website in China which spreads malicious software. Again, it hurts my website even more as Google now blocked my website with a warning!!!
Although I recovered my first page appearance on Google search engine result page, visitors cannot acces my website because Google put a warning before they enter it!
Anyway, after running an antivirus software on my server (mind you that I hosted my website on a LINUX server), they found PHP.Shell script that is malicious. It seems that the virus will not run on the server, but will run on any Windows PC which access my website, as they will automatically download themselves silently!
I also updated my modx backend engine, from 0.9.6.3 to 18.104.22.168, as I have a very high suspicion that old modx version have some secuity flaws. Only after the upgrade, the iframe script on the website is gone.
During those period of time, I emailed Exabytes (my hosting) few times, in which they could not help much. I also emailed Google few times to plead and appeal, as to not penalize my website anymore, and get it out from their sandbox.
Glad to share with you that today morning, when I got into my clinic, everything is back to normal.
Morale of the story : ALWAYS update your website and blog. Security is a very BIG issue on outdated website and blog.
Happy fasting for Muslim and never stop blogging!