A darker and more dangerous place

So based off of Christopher’s advice in the last post, I went and set up the WordPress plugin to make the database backups automatically and have them emailed to me, once a week. I also kept my promise to always have the latest version to minimize vulnerabilities and updated to WordPress 2.7.1 (backing up manually first, of course). To be honest, I was starting to get annoyed with all the people giving me advice. I wanted to say, “Leave me alone! I haven’t had a four-hour span alone at my drawing board since the hack. Don’t you want to see Miao Diary get done? Why can’t I just draw in peace? Right now there are three posts on the site and all of them are about the hack!”

It was at that time that I remembered what happened in Moribito: Guardian of the Spirit. Pursued by the soldiers of the empire as well as a hungry earth spirit, Prince Chagum has to undergo self-defense training from Balsa, the spearwoman who has sworn to protect him. In the climactic battle, when Balsa’s attention is drawn by a powerful enemy, what he learned from Balsa allows him to survive without her direct protection. Times have changed and I can’t just draw in peace. There are people out there who will vandalize an innocent and unprotected blog for no other reason than it is innocent (relatively speaking, of course; my projects, although modest by lolicon standards, are seldom innocent) and unprotected. I have come to the attention of those people and I have no choice but to learn how to protect myself.

So I have no right to get mad at those people who are offering advice. This isn’t the unsolicited, opinionated advice that Steven is so strongly against. These people are doing it because they want to help me. So I have to do the right thing and take their advice as I stumble through my first attempts at protecting my website. I may be almost 29 years old but I’m still a child when it comes to stuff like this. I’ve made some big mistakes already (the biggest being erasing the folder and database before determining the nature of the hack) so I have to do what I can to not make things any worse.

So what more advice is there? Should I spend the money to have the hack analyzed? Should I learn how to collect site access statistics (with like, say, Google Analytics), ban people from my site, or block ranges of IPs? Should I learn how to back up my database without the use of the plugin? When will I know when I’ve done enough and can get back to my work? I don’t want to have my operations paralyzed from fear. That’s what terrorists and hackers want to happen. I want to go back to the days when all I had to do was draw, scan, and post and never worry about hackers or the safety of my site. But it seems those days are gone, and I have to deal with it.

To all of you who have been offering advice, thank you. You make me want to tear my hair out, but I know it’s because you care.

(Now to sneak in a few hours of drawing before the next wave of advice. Hurry! Hurry!)

3 comments on “A darker and more dangerous place

  1. I’m sure there will be people with useful advice, and some of it will require a trade-off of time spent versus protection gained, but here’s my view of it:

    1) You’re already keeping local copies of your images, so it’s not like you risk losing any original works.

    2) The posts/comments are being backed up (assuming you’ve properly configued and maybe tested it). You can optionally go the non-plug-in route, but at least you can recover content if it’s lost. You might just end up writing some magnificent post that you wouldn’t want to lose for whatever reason.

    3) With the latest release of WordPress, updating WordPress is (from what I hear) quick and each. Once I set up an FTP daemon running on my own server, I found updating plug-ins to be effortless. (Well, except that I prefer to stop the FTP daemon when I’m not using it on WordPress, leaving one less port open, and one less software running to potentially exploit. I upload via SSH, so no FTP isn’t a problem for me otherwise.)

    I’d say you’ve reached the minimal stage of being “all set”. If there’s an attack, you can reasonably recover (no data completely lost).

    My advice would be to sit back, relax, and draw what you can until advice rolls in, but you’ve already proceeded with that 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

*

HTML tags are not allowed.