Blog menu rearranged, most pages deleted!
-
Hi – really appreciate the WordPress.com service, and use it regularly and encourage other to use it.
I just came back from a week’s holidays to the unpleasant discovery that the menu on the front page of my blog had been rearranged, with several extra tabs, out of place altogether.
Much worse, though: “many pages” of information have been completely deleted. Somehow, several years’ worth of work has suddenly disappeared from my site.
I’m well within the space allocation for the blog – less than 10%, I believe.
Does anyone have any idea what on earth has happened? This is a substantial loss, and I have a lot of work ahead to restore it.
Thanks – Kirk
The blog I need help with is: (visible only to logged in users)
-
-
Thanks for asking, sorry I forgot to mention: a close colleague of mine has access to the admin/edit functions, too – but he’s assured me that he hasn’t modified the site, either.
He also told me that over the past few days he’d gone to look at the site, and he also noticed the anomalies of the main menu showing displaced pages.
Also, I changed the password yesterday, as soon as I discovered the problem. Hopefully that resolves the basic security question.
A bit of history:
On February 11 I “exported” the site as it was back then. Then I made changes to the site myself, and removed the material in question – but after a few hours, I reconsidered: I “imported” the export file I’d made, in order to restore the site to what it had been before the modifications. And on February 11 I got an e-mail from WordPress indicating that my import was successful.
After the import, I had to re-organize the main menu: the import didn’t place the pages back in their previous locations – no problem, I manually restored it to where I wanted it. A small price to pay for being able to restore it ;-)
Since then I’ve continued to work with the restored site, doing weekly updates on various pages and modifying the information, as I normally do. The last changes I made on the site (before last night) were done on March 8. Naturally, this is the version of the site that I would have expected to be loaded during the past week.
From March 9 to mid-March 15, I didn’t work on the site, nor did I read it – I only checked stats. It’s only yesterday afternoon (the 15th), returning to work after holidays, that I discovered the problem.
It appears to me, without knowing the deep details of how WordPress works, that the site’s been imperfectly modified/reverted to a February 11 edition of it as it was during the few hours that I’d changed it, before I restored it using the import.
I’ve noticed that WordPress keeps “revisions” of the posts and pages – does it also keep revisions of the menus? Does WordPress keep XML export files? revisions of whole versions of sites?
I’m wondering: during the past week did WordPress begin loading the February 11 revision of the site (prior to my restoring it), instead of the revision from March 8? Does that make sense?
I found the export file that I used to restore the site on February 11, and I think I can re-import it and restore the site again – this will entail some considerable work re-arranging things and bringing the site up to date, but at least it’s not a total loss.
However, I’m reluctant to do that until I have some idea of whether there’s a problem on WordPress’ side re loading it – if I restore it again, and then WordPress loads the already-restored March 8 version of it, I might have a lot of cleaning up to do re duplicated pages and menu … ;-)
Up to this point we’ve had very good results using WordPress. Any help is appreciated, thanks.
-
If anyone is posting anything to your blog or removing anything from it, or if your blog has been deleted and you did not delete it, then it’s most likely that you have provided them with the ability to do so, either deliberately by adding them as official users, or by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
Who, aside from you, has access to your login information?
Go to your email program and change the password to a very difficult one because that’s how many hackers gain access to blogs
Read > http://en.support.wordpress.com/security/
1. If you can log-in go here > Users > All Users and delete any user that does not belong there.
2. Disable post by email > http://en.support.wordpress.com/post-by-email/
3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/
4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
You can also reset your password via your Settings tab on the WordPress.com home page:
http://wordpress.com/#!/settings/5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
6. Use two step authentication http://en.support.wordpress.com/security/two-step-authentication/
P.S. Staff have records of who did what under which username and login information and when they did it. I flagged this thread for a Staff follow-up. Please subscribe to it so you are notified when they respond. To subscribe look in the sidebar of this thread, find the subscribe to topics link and click it.
-
Thanks for asking, sorry I forgot to mention: a close colleague of mine has access to the admin/edit functions, too – but he’s assured me that he hasn’t modified the site, either.
He also told me that over the past few days he’d gone to look at the site, and he also noticed the anomalies of the main menu showing displaced pages.
Well is her using his own login information as an official blog user or did you give him yours? Please clarify.
-
-
Thanks very much for a quick reply.
I am the only official user. My colleague logged in using my information, with my permission. I can find out from him when he did it – if WP staff can determine when between March 9 and March 15 that the site was modified, I can do a better job of triangulating what happened.
I’ve never enabled “post by e-mail” or “post by voice.” When I looked into it, these settings have not been modified.
The new password is [deleted by staff]
I always use https://. I’ll consider 2-stage authentication.
I’ll subscribe via RSS, thank you.
There is a remote possibility that the login information was passed to someone else via a security problem with one of my e-mail accounts. I’ll shore that up, too.
-
My colleague logged in using my information, with my permission.
OY VEY!
Let’s dig deeper. Are you using a mobile? And if you are then why have you not enabled two step authentication?
Please post the following information for Staff:
(a) Exactly what kind of device you are using to connect to the internet and to WordPress.com.
(b) Exactly which browser (and version of it) you’re using by checking here if necessary http://supportdetails.com/ -
Aye. I had been preparing to vacate completely, leaving it to him to take over – seemed pointless to generate a new user. The situation changed, and so I resumed working with it.
Yes, I do use mobile devices. I use a Sony LT28i cell phone to check stats – rarely to read, never to modify. It uses Android 4.1.2, and the WordPress For Android app is version 3.7. I use Avast! and Malwarebytes for security – frequent scans always come up clean.
I do all modifications, most reading, and most stat-checking using a Toshiba Satellite laptop running Windoze 7 Home Premium SP 1. My browser is almost always Chrome Version 41.0.2272.89 m (up to date). I occasionally use Firefox, never use Internet Exploiter. I use Avast! for security, and run regular full-system scans and boot-time scans … should be clean.
I occasionally read and check stats with a BlackBerry Playbook, OS 2.1.0.1917 – the app I use is WordPress for Android Version 2.7.1, ported into the Playbook. I use AVG Mobilation (another ported Android app) for security.
I did use the Playbook to check stats and view a page or two during last week – but not to modify anything.
I do not always have my mobile devices with me – hence my reluctance to subscribe to 2-step authentication. Perhaps I’ll have to do things differently going forward.
Todah, l’chaim.
-
Thanks for the additional information for Staff. At this point it is best that we both quit posting into this thread.
This thread is tagged for Staff and they have a backlog. What’s required is your patience as Staff work through all forum threads tagged for their attention and through all email support tickets in chronological order based on datestamps and timestamps – first posted first served, as would be expected.
How long it takes to clear the threads and support tickets depends on how many Happiness Engineers are working on them at any given point in time. It also depends on how complex the issues in each thread and ticket are are.
Please don’t bump your thread here by posting into it again because it’s not in your best interest to post to it after it has been tagged for Staff help. Doing that moves the timestamps forward and it takes longer to get a response.
-
We looked into this and 4 days ago the posts and pages in your trashcan were automatically deleted. What most likely happened is that in the importing/exporting and deleting and undeleting pages and menus some things ended up in the trash that shouldn’t have, or didn’t get re imported correctly because the version of the page in the trash made the imported page look like a duplicate.
The good news in all of this is you weren’t hacked (but don’t ever give your passwords to people–not friends or colleagues and for sure never post them in a public forum).
The bad news, is you’ll have restore everything by hand. Do you still have the export file? That should make pretty easy work of things.
-
Thanks again for a very quick reply, I appreciate your diligence.
Fortunately, I found the February 11 XML export file which I had created prior to modifying the site – the same one I used to re-import the original, once I had decided to restore it.
So yesterday I managed to re-import the same February XML file, recovering the lost pages and posts. I also had copied the pages that I had been updating since then, and with a little bit of work the site has come back together again in one piece.
One other anomaly that I hadn’t noticed until late last night: my subscribe widgets had been deleted, too – unexpected. But I’ve restored them manually, and I think we’ll be OK.
I’ve created a new XML export file of the restored site, just in case we have another blip ;-)
Glad that we weren’t hacked, thank you for that information. I’ve changed the password, and my colleague will come in as his own user.
So I take it that the trashcan is automatically deleted on a schedule? How much time is the trashcan allowed to remain before being deleted?
I’ll delete everything presently in my trashcan, so that we don’t have any near-duplicates to confuse the machinery.
From my vantage point, this is solved. Thank you.
-
So I take it that the trashcan is automatically deleted on a schedule? How much time is the trashcan allowed to remain before being deleted?
Items in the trash can are permanently deleted after 30 days. It’s best not to let stuff sit in there that long though.
Glad you were able to get everything back.
- The topic ‘Blog menu rearranged, most pages deleted!’ is closed to new replies.
WordPress.com Forums 