Most of our sites were down multiple times over the last four months or so (August 2021 through mid-December), as we were involved in a Web WAR started with someone(s) in China!
A few customers & clients that frequent our sites have called in wondering why there wasn’t an email… or what happened to one of our websites (as the websites have been up and down, up and down, since August through about last week).
In late August we chose to leave them down for a few weeks (on purpose), while we tried to log the attempts and IP addresses, and ‘places’ the bad people were getting in (or trying to), hoping to 'trap' them; so we might figure out WHO, WHERE, and HOW the person(s) were getting in.
We've figured it out... finally. They were good, but we’re better, and they are locked out... permanently.
YOUR DATA & INFORMATION WAS NOT, and NEVER WAS (or will be), ON THOSE WEBSITES! So it's 100% safe, and uncompromised. We NEVER keep any credit card information 'on line' - on any of our websites, nor will we ever ask you for a password.
Despite paying for the "Ultimate Hosting" and 'regular backups' - and SSL's... and annual fees on a pile of domains... it seems our sites on the GoDaddy hosted servers were hacked. I don't blame them for the hack (obviously – THEY didn’t do it), BUT them 'losing' our BACKUPS, and not having things BETTER SECURED with all the money we spend on their services, and then them wanting to charge us MORE MONEY for THEIR "Ultimate SECURITY package" after all the 'security' and hoop jumping we ALREADY PAID FOR (which failed) IS THEIR FAULT!
On the positive side, ALL THE 'BAD GUYS' GOT WAS A PILE OF WORDS, some scientific abstracts, testimonials, and some FDA & USPTO information!
AGAIN - Your personal payment data was 100% safe, secure, and is NEVER stored on our websites, in a 'cloud' (by us), or stored 'off-site' where some thief or hacker could compromise that information.
"OUR" sites are INFORMATION related to the science of nutrition, our products, and what ingredients NOT TO USE... we NEVER STORE OUR CUSTOMERS, CLIENTS, or PATIENTS confidential information on our websites (or 'in the cloud') because it adds a security issue we'd prefer to avoid - for our own sake, and that of our customers.
Who knows, maybe the REALITY about inconsistencies in 'eastern medicine' was a sore spot that provoked their attack. Maybe it was our emails and pages since March 2020 about 'the virus,' and how it started in China, that caused them to try to hit our websites. Maybe they just didn't like how we deal with those robo callers trying to con people out of money. Who knows, one thing is sure... they put in a lot of effort... won a few small battles (but really got nothing profitable to them)... and WE ULTIMATELY WON THE WAR! They spent way too much time and effort messing with us, and our web sites, for it to just be credit cards - when it was clear there was NOTHING THERE! Because the vast majority of our sites have ZERO 'on-line' shopping or order taking options; the few that do, use a third party ultra secure platform - like PayPal, Stripe, or one of those specifically designed to protect the buyers and sellers from outside attacks. The sites are for INFORMATION & EDUCATION, and supporting our resellers first & foremost - rather than attempt to compete with them.
It was an ongoing battle for the last four months of 2021, with nearly 65 of 125 nutrition and information websites affected (effected, and infected), BUT none with any personal data on them. We were able to find where and how they entered, and LOCK THEM OUT of all those backdoors (and hidden passages)! WE WON!
It did take us a while to figure out WHERE they were 'getting in' - and how. After all, we have been 'eating and drinking' NUTRITION & HEALTH, not computers the last twenty years, so it took us a while to 'get up to speed.' But we did; and THOSE DOORS & WINDOWS into our sites are 100% closed, locked, walled off, and now armed!
It really was new (to us, and most of the WP/SQL forms world)... but thanks to a few smart friends, some persistence, and a few decades of computer/web experience... WE FIGURED IT OUT! No thanks to GoDaddy - who dropped the proverbial balls, and wanted us to pay more for THEIR ADDITIONAL SECURITY - despite our "Ultimate Hosting Plan," SSL's, updated PHP, and Server Backups we pay them thousands of dollars a year for. Their 'helpdesk' was just as useless as the hosting/domain customer service representatives we spoke with there. My how they have changed over the last decade. I guess they have a big enough reputation they don't have to care any more. It's ok - WE NOW KNOW WHERE WE STAND THERE, and that their priority is MONEY, MONEY, MONEY... and no longer service (or security) for their existing clients.
We can only speculate as to who, and why, only SOME OF our websites were messed with (literally overwritten with, what appeared to be, Chinese writing and photos of Chinese 'health products'). Maybe they didn't appreciate the TRUTH ABOUT HERBS, the reality about the dangers and side effects, or the fact we spoke out about the LACK OF TESTING of most Chinese derived nutritional products?! We discussed some of the many products in American stores, sold through American distribution channels, that are using untested, lightly & poorly tested, Chinese ingredients, merely because they are cheap... only to actually later find massive inconsistencies, and/or to have issues of contamination. It could be lead, aluminum, mercury, cadmium, barium, or some other heavy metals... or some type of bacteria, or other contaminant. For most products, and bulk ingredients, ONLY E.coli and Salmonella are 'required' testing by US customs regulations, with dozens of other common contaminants being completely ignored.
Mold, mildew, botulism, even lead & mercury, rodent feces... all ignored... unless there is a 'recent' trail of bodies for the right person(s) to follow. Most doctors, especially nutritional specialists, know that heavy metals BUILD UP OVER TIME in most bodies... aren't quick killers, but have been linked to the foundation of many diseases and illnesses over the years. As a traveler to that country, you are warned to NOT drink the water because it will make you sick, so WHY BELIEVE THE INGREDIENTS THEY ARE EXPORTING ARE SAFE?
Maybe our speaking out about those things, and our pride in the rigorous testing our products endure and are consistent... and the quality of ingredients we use, had little to nothing to do with why our nutritional sites on the internet were messed with (hacked).
But they were; repeatedly, for more than four months. However, we've locked the doors, closed & locked the windows, added proverbial shutters, and are now REBUILDING THE HOUSE OF INFORMATION... on a new foundation that employs none of the SQL or WordPress technology they exploited to gain access.
Sadly, GoDaddy, where our sites were hosted, was ZERO HELP, and apparently sucks at security & actual support (unless you pay them more). The issue was a combination of an unsecured 'WP PLUG IN' (WordPress) and/or a "SQL Injection," where a special sequence of codes is 'sent through' a form that is hooked up to a database (where comments, testimonials, and feedback were stored). Something similar to those 'secret codes' that exist on cell phones.
For a harmless example, on your own phone: Dial *#06#. You will retrieve the IMEI/MEID number on YOUR cell phone (no worries, no one else can see it... and it doesn't change anything, just a display of internal info). You typically don't even have to press the Call or Send button. Give it a try if you don't know what I'm talking about. The IMEI/MEID number will appear as soon as you finish dialing the code. Knowing that code is necessary to make changes, or even allow access, to different information on your cellular phone; and it's easier than removing your phone from its protective case, or trying to read that microscopic writing on the back of the phone that might have rubbed off. But, it's also those types of 'hidden codes' that weren't properly blocked (or secured), which allowed foreign bad guys (or gals) access to our website to change 'read/write' PERMISSIONS so they could open an obscure window into the server, and look around. The upside is that any personal 'customer' and payment information is NEVER ON OUR servers, or OUR WEBSITES, just for that reason!
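An added example, not code from this site or its author: a small sketch of the form-to-database flaw described above, next to the fix (placeholders instead of pasted text). It uses Python's sqlite3 with a constructed testimonials table; the table, function names and sample input are assumptions for illustration.

```python
import sqlite3

def new_db():
    """In-memory stand-in for a site's testimonial database (constructed)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE testimonials ("
        "id INTEGER PRIMARY KEY, author TEXT, body TEXT, approved INTEGER)"
    )
    return db

def save_unsafe(db, author, body):
    # Vulnerable: form text is pasted into the SQL string, so a quote
    # character in the input ends the string literal and whatever follows
    # is parsed as SQL instead of being stored as text.
    sql = (
        "INSERT INTO testimonials (author, body, approved) "
        f"VALUES ('{author}', '{body}', 0)"
    )
    db.execute(sql)

def save_safe(db, author, body):
    # Hardened: placeholders keep the statement fixed; the driver hands the
    # form text over as data only, whatever characters it contains.
    db.execute(
        "INSERT INTO testimonials (author, body, approved) VALUES (?, ?, 0)",
        (author, body),
    )

def rows(db):
    return db.execute(
        "SELECT author, body, approved FROM testimonials"
    ).fetchall()

# Constructed form input: the quote closes the text field early and the
# trailing "--" comments out the server's own ", 0)" (the moderation flag).
CRAFTED = "nice', 1) --"

def demo():
    unsafe, safe = new_db(), new_db()
    save_unsafe(unsafe, "visitor", CRAFTED)
    save_safe(safe, "visitor", CRAFTED)
    return rows(unsafe), rows(safe)

if __name__ == "__main__":
    unsafe_rows, safe_rows = demo()
    print("unsafe:", unsafe_rows)  # row arrives already approved
    print("safe:  ", safe_rows)    # input stored verbatim, unapproved
```

A form that throws a database error on an ordinary apostrophe (as in "It's great") is a common sign that the unsafe pattern is in use.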
Once we figured out where & how, we've re-secured everything, closed all the ports, terminated all the 'fancy' tools, changed ALL our passwords, LOCKED ALL the proverbial doors & put shutters on the windows, and ceased using WordPress & SQL (the culprits that allowed them access). We are back to STRAIGHT Bootstrap HTML CODE, which isn't 'as pretty' (or fast & easy to edit & update), but it's 99.999999999% more secure; and significantly faster for loading on nearly all types of devices (computers, tablets, and phones - PC or Mac).