Frugalhoney.com Attacked Part III – Moved It To Blogspot

UPDATE on Jill’s blog. To recap, Jill’s Personal finance blog https://frugalhoney.com was suffering a denial of service (DOS) brought about by a Brute Force attack. A brute force attack is when the website is made so busy trying to serve pages that it essentially hangs.

After I backed up the site and made it run on my laptop I went to work. Brute force can be done in multiple ways and slowly I started to fix issue after issue. I was careful not to overdo it because I wanted to know exactly how the site was being attacked via trial and error. First I started to protect Wordpress essential files and placed captchas. When that didn’t work I stopped wp-cron.php. When that didn’t work I installed a high end plugin that hid system pages even more and stopped certain procedures altogether that were not essential. After that I finally cloudflared my DNS to block and document attacks. I was working with my US host to fix the issue and overall we traded close to 30 emails.

We finally came to a point we realized that bots were attacking the site and this made me form a conclusion. To use bots to attack a site someone really wants it taken down and is possibly spending money by hiring someone to do so. It is an intensive process and isn’t easy.

While I can still try to find a fix it’s clear that would be just my ego talking and I probably have to shell out some cash as well. So I decided to just move the whole site to blogspot.com. The longer I delay the more the site’s Google ranking will suffer and the post we suspect is the reason why the site is being attacked will be erased from the internet – the ultimate reason websites are professionally attacked.

So last night I moved the site to https://frugalhoney.blogspot.com and it’s working now. My next step is to apply a htaccess rule that will change the domain from this:

https://frugalhoney.com/2017/07/what-to-do-after-you-get-scammed-by-manila-bankers-life-insurance.html

to this:

https://frugalhoney.blogspot.com/2017/07/what-to-do-after-you-get-scammed-by.html

That way anyone who clicks that important link on a Google search will still end up with the content they are looking for and the attacker can just suck my d=) because now it’s Google they have to deal with.

It’s far more important for Jill’s content to continue to exist than my painful fragile ego. She actually has to discontinue that site soon due to a potential career change. I learned a lot trying to save it though and I can apply this in future projects. The important thing is that her posts still exist on the internet. I hope the bad guys are paid by results they’re not going to be able to collect.

Update, here is the .htaccess code that redirects them appropriately.

Line 1, 2 and 3 redirects those specific posts to the proper post in the blogspot version and Line 4 redirects the whole URL. Unfortunately I do not know yet how to automatically redirect individual posts but that might not work because it involves two things. 1.) shorten the URL to 30 characters and 2.) forward it. While forwarding is easy shortening the URL is iffy. You can’t just chop off excess URL characters and hope it will work. Fortunately posts which do not exceed 30 characters are forwarded appropriately so I’ll just have to live with that. In any case those specific Manila Bankers’ posts are the ones that really need forwarding so we’re happy with that.

Jill has just written this post explaining the whole thing to her audience. In it she says how she was planning to close the whole thing down anyway given she was moving on to other things. But hey, because of what happened she’ll make sure that thing will run forever, so SUCK IT whoever you are who tried this.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.