spider in moonlight - hacker image?

Website Security Hacking – In Real Life.

This post was going to be on website security hacking definitions for the simple reason we should be on the same page for the series.


I was a bereavement counselor for three decades. Every week, it seemed a sane person or family shared their story of “After Death Communication”.

Logic has its limits.

Warning a side story ahead.

You can safely skip this section. It has some weirdness if the subject is new to you. It’s not pertinent to today’s subject.  It’s here as many are intrigued when they hear of this.


After Death Communications happen to about two-thirds of those families grieving a loss by death of a family member. Nearly all who experience them value them as they believe their loved one is okay now.

The exceptions are two classes:

1. Adolescents

2. Some of those who had a difficult relationship with the deceased.

I mention the latter as I worked with an estranged couple. He had received an injury during a tussle with a lady he was having an affair with. That injury both partners believed was the cause of his cancer in that bone. His death the chaplain described as spiritually difficult and unpleasant.

Later during her sessions with me, she discussed him. He would visit her and ask for forgiveness. She continued angry at him and refused. She didn’t want him to continue to visit. As far as I know, they never reconciled.

Here are three sites Google uncovered about the subject:





Back to website security.

First I woke up with a sore throat which as the morning unfolded generalized to most of my body. Happens.  Then about mid-morning, I received a message my website – this website – was hacked. spider-and-web-moonlight-silhouette1.5wWeird.

So, research/writing postponed as I looked into this.  Turns out it became another story to share here.  Definitions delayed.

The program names won’t be mentioned as this is a one-off situation or anecdotal at best. It shouldn’t be used to decide whether to buy any of the programs involved.

I looked at the dashboard of the security program. It announced in bright red letters, “Your site is hacked.

As I had the free version, it wouldn’t show me the offending file, let alone remove it.  It discussed how complicated it is to find and clean hacked systems. If I’d pony up a significant sum, then I could install the tools that I could use to clean the offending file.

Fair enough.  I’m not above paying for such expertise and service.

But another scanner I had in place and ran this am turned up nothing.  I ran it several times. Clean every time.

There is a part of me which likes to watch crime solving shows. These most often take me to those parts of the world I prefer to observe from my living room. That me was suspicious of extortion.

What to do?  I installed another security program and ran a third screen.

This one agreed that I had a suspicious file. The scan also found an entry in my .htaccess file which should be hidden from prying eyes. It offered to hide that.

Case solved.

It even showed me the offending file and the path to it. Yay!

I studied both the ini code which it suggested should be hidden and the bad file.

The ini file was one the security program I had just installed placed there so yes, hide it.

The bad file was not something I recognized.  There was an IP address in it.  I took that to my friendly neighborhood Whois program to see what I could learn. It was to a location in Bulgaria hidden under a covering IP entry.

I had no programs or hosts originating from Bulgaria. Nor did the code seem pertinent.  The latest security program said it could safely delete it so I let it.

I reran the scans – all three programs proclaimed my site to be clean. Clean! Yay!  Money saved.

Do I feel a little guilty for slighting the program that first discovered the bad file? Some.

But then I hear Joyce Gillespie, saying to me, “You can feel guilty if you want.”  Joyce was one of my office mates of many years in the hospice.

Meanwhile, there are some terms in this post that might make more sense if I’d done the definitions first. I apologize for that.