It's the sort of thing that makes your heart sink. The web site that you've lovingly tended over the past nine and a bit years is suddenly deemed by Google to have been hacked. You look on site but everything looks just fine. But Giggle sends you a link to a non-existent page that begins with your web site address and, sure enough, there is this page of junk text advertising drugs!
Now, why anyone would buy drugs from a page that has obviously been maliciously hacked into someone else's web site remains a mystery to me. My only concern at that moment was to get my site unhacked again. But since the 'hacked' page didn't even really exist (it was dynamically created from the fake URL) I had no idea where to begin. The real problem was that the Bitwise site was all dynamically created. That's because I decided, many years ago, to move away from a site made up of 'static', hard-coded HTML pages and use, instead, the altogether more modern approach of having pages constructed 'to order' whenever someone logged onto a specific address. To do that, I used a CMS (Content Management System) which used the PHP programming language to insert the text of articles from a database into pre-designed HTML 'templates'. The CMS I chose for the job was Spip and in spite of my recent problems, if I were ever to use a CMS to publish an online magazine again in future, Spip would still be my choice.
But the problem with any CMS is that i) they are prime targets for hackers and ii) they have to be regularly upgraded and maintained by the webmaster. I simply don't have the time or interest to do that. So when my Spip installation became the target of a hack-attack I was faced with two possible choices: 1) I could try to figure out where the weakness in the system lay, upgrade to the latest Spip and hope for the best or 2) I could revert the entire site back to the old-style static HTML.
I chose the latter option. If I had more time, or if I had a small staff of helpers, I might have decided to upgrade Spip and fix the problem. Since I have neither, I decided the simpler option would be to reimplement the site in HTML, with no PHP or similarly dynamic (and potentially insecure) programming language involved. But how do you convert a dynamically-generated web site into a series of linked HTML pages? I'll explain that in a future post.