In case no one realised (I don’t think anyone else but me), my blog was hacked some time back. To be exact, it’s been just over a month since it was hacked, and it took me a good 1 week to realise it.

I thought it was a bit strange when I started getting emails from HostGator about some files being changed or compromised, but at the same time, they were advertising for their (somewhat new) Site Lock security solution, and I thought it was just some up-selling advertisement to get people like myself to pay more for something that we don’t really need. I mean, I don’t think I am going to pay $40 a month to run a blog that is not even a “business” as per se (well, I am not an influencer; not even a “micro-influencer”, whatever that means).

As it turned out, my blog did get hacked, and although HostGator isn’t technically responsible for restoring my files, I came to the conclusion (after seeing how ALL my other projects on HostGator got hacked, and none of the others on other hosts were hacked) that there was a vulnerability that HostGator was probably not patching. This stands unsubstantiated at this point in time, but I thought the hacking incident coincides a little too closely with them up-selling Site Lock (again, I am a small-time blogger – why do they want us to spend so much money just to write a blog? but of course, this is rhetorical)

In the end, I was pretty put off by them, and eventually offered to pay for a solution. Guess what? They could only offer a $15 solution for a single copy of a backup in the last 7 days, which isn’t even guaranteed to solve my issues. I was obviously very irritated with them, and decided to move my business elsewhere.

And that’s when I realised that things could get even worse from here. Even though I was on a, technically, “unlimited” plan, HostGator does not allow me to have any backups even from the console, if my “inodes count” (which I assume is somewhat similar to number of files, in layman terms) exceeds 100,000. This might not seem like a big deal, but considering the number of projects that I had been doing, that number was easily breached.

So, I was stuck with heaps of hacked projects and websites, and I couldn’t even do a proper backup of all my files (I am sure I have physical backup copies somewhere though). I ended up having to download all my files via FTP bit by bit (pun unintended). That was really agonising. At this point in time, all HostGator was willing to do, was to “move forward to see how we can prevent this from happening in the future” – doesn’t matter that they actually do have a backup that could have solved all my problems.

To cut a long story short, I found 2 other web hosts, once of which was pretty proactive, and another one that didn’t care about their clients (I read 1 bad review about them, but they are really THAT bad). I also found a 3rd one who was really pro-developers, pro-designers, and pro-geeks; and for a pretty reasonable price too – although, when it comes to price, it is not everything – and it is important to note how much you would be paying *in the long run*, since web hosting costing $1.99 per month usually refers to the first invoice (which can be up to a few years of prepayment), following which, it can balloon up to 10 times the initial “promotion”. Always read the fine prints.

Eventually, I settled with 2 web hosts (and 1 useless, uncaring one – that I will just use for rogue projects anyway; since getting refunds from them is harder than getting a pacifier from a baby without heaps of crying) and laid out a rough plan of how I would be managing all of these in the future; and I got all these done in the last 1 month, in the midst of moving house, barely making ends meet, and wondering about my future. It wasn’t the easiest thing to do – having to juggle all of these at the same time, but drugs do wonders.

I mean, pain killers, for all the headaches, that is.

It is also during this period of time that I decided to decouple the name resolution services from my web hosts – because I now know what a pain in the butt this can be when you have to start migrating all your zone files (basically data files containing IP addresses for your (sub) domain names). This definitely requires a heart of steel (hey, it’s the first time I am doing something more geeky than what I am comfortable with) and adds up more cost (thank goodness for free 1-year trials!) but I hope it will be more robust in the long run.

If you are able to see this post, that means I have successfully migrated my blog from HostGator to somewhere else. I will probably have to spend some time “hardening” up my current site, and I definitely hope to do this before this gets hacked again.

Till then, peace out for now 🙂