pquirk.com gets hacked

So, an interesting thing happened a couple of days ago: I got a notification on my WordPress phone app about some failed login attempts at my blog. Since this is running on my server running open source software that I installed, I get access to everything that happens. Every error log is captured, saved, and eventually archived.

How do I know it was a hacker? First of all, there is no obvious link to an admin login from my main page. If I wanted someone else to create a post on my blog, I would send them the link. Since this is a personal blog, I’m the only one who would ever log into it, and since I use a secure password manager from a secure device, I never have a failed login. So, when I check my activity log using a secure app on my phone and see a lot of failed login attempts, I look a little closer. When I see user names like jake, admin, teste, qwerty, user1, pquirk, and paul being used to access my blog over and over again, I know that something’s up.

Each attempt captures the IP address of the person attempting to hack my website. Using a utility called whois, I can find out information about this IP address; who owns it, with full contact information. So jake failed from 123.16.70.105, which resolves to Pham Tien Huy of the VietNam Posts and Telecommunications Group from Ha Noi City. The next IP address used was 14.232.111.13, which also resolves to the Vietnam Posts and Telecommunications Group, also owned by Pham Tien Huy. Each attempt was from a different IP address, all resolving back to VietNam. Odds are very good that different people from VietNam are attempting to hack into my blog; rather, this is probably one individual using either a VPN or proxy server.

I do have options in the event of getting hacked. I could contact Pham Tien Huy with the time, date, and IP address, and that person would tell me the IP address of the person who connected; in effect, trace it back to its origin, and then I could get that internet provider to provide me with details of who used the originating IP address at that time, then I could take action against that person, as nobody is truly anonymous on the Internet. That’s more work than I care to do right now, so another strategy I could employ is to block them with my firewall. Since whois gives me the entire range of IP addresses that this came from, and since it’s unlikely anyone from VietNam would ever read my blog, I could block that range of IP addresses; say, 14.244.0.0 – 14.255.255.255, with the “ufw deny” command. However, I don’t feel the need to do that either. This blog, and my web site, are hosted on a Linux server that exists for real in my basement. It’s locked down with the latest security updates and strong password encryption. In a worst-case scenario, I can pull the plug, re-load from my daily backup, and be back up and running within minutes. I confess to actually getting some amusement scrolling through my logs to see this loser waste time in his (or her) pathetic life trying to hack my little insignificant blog. The only time my site goes down is if there’s a power outage in my area, or when I need to reboot after installing the latest security updates.
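
The whois output gives a first-last address range, while "ufw deny from" expects CIDR blocks. The following is an added example, not part of the original post: it converts the range quoted above into CIDR blocks, prints the matching ufw commands without running them, and checks which of the two source addresses quoted in the post those blocks would cover. The function names are hypothetical.

```python
import ipaddress

# Addresses quoted in the post as sources of failed logins.
OBSERVED = ["123.16.70.105", "14.232.111.13"]
# Example range from the post, in the first/last form whois reports.
WHOIS_RANGE = ("14.244.0.0", "14.255.255.255")


def range_to_cidrs(first, last):
    """Collapse an inclusive first-last range into the fewest CIDR blocks."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    if lo.version != hi.version or lo > hi:
        raise ValueError(f"bad range: {first} - {last}")
    return list(ipaddress.summarize_address_range(lo, hi))


def split_by_coverage(addresses, networks):
    """Return (covered, uncovered) lists of addresses for the given networks."""
    covered, uncovered = [], []
    for text in addresses:
        addr = ipaddress.ip_address(text)
        hit = any(addr in net for net in networks)
        (covered if hit else uncovered).append(text)
    return covered, uncovered


def ufw_rules(networks):
    """One 'ufw deny from <cidr>' command per block (built as text, never executed)."""
    return [f"ufw deny from {net}" for net in networks]


if __name__ == "__main__":
    nets = range_to_cidrs(*WHOIS_RANGE)
    covered, uncovered = split_by_coverage(OBSERVED, nets)
    for rule in ufw_rules(nets):
        print(rule)
    print("covered by these rules:", covered)
    print("not covered, look up their own ranges:", uncovered)
```

Neither quoted address falls inside the example range, so each source needs its own whois range before a rule is written. ufw applies the first matching rule, so a deny added after an existing allow for the web ports has no effect unless it is placed ahead of it.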

I do wonder, what kind of pathetic loser would try to hack a site like this? Then I realize that the truths I post are going to be offensive to those who profit from ignorance and censorship. The kind of person who has multiple fake Facebook accounts created from these multiple fake IP addresses so they can game Facebook’s heavy-handed censorship policy by having them all report an “Offensive” post so a person can be censored. Except this time, it’s different. This time, their complaints would have to go to me. Of course, they would never air their grievance with me, because, deep down inside, they know that I’m right, that I speak the truth, and they’re a weasel who can only use underhanded tactics to silence me, and so that’s what they resort to. This motivates me to continue with this, to write candidly and openly about things that matter. Facebook’s fired. This is the home for my speech, and I won’t be silenced by some pathetic loser.


2 Replies to “pquirk.com gets hacked”

  1. Paul, I’m impressed you run your own server, and know how to set it up and do the maintenance to keep it secure. Cool!

    And it can indeed be nice to have the content at your own site; a place where you clearly are the owner of the content, keep control and decide what can be written or not, only limited by laws and your own ethical etc. judgement. When you run it on your own server, you have also omitted any limitation the web hotel may have stated.

    1. Thanks, Henrik! I always envisioned a future where each individual connected to the Internet would have a computer or computing device that would serve as their place to share whatever they wanted, and if you disagreed with them, you simply wouldn’t go to their site…not this centralized crap where everybody is pushed together and is reporting on people whom they disagree with.
