How I broke my blog and nearly accidentally deleted it

Both my blog and my business website have been acting strange lately. My business site is getting fewer hits, which could be due to the holidays, but also I think I’m dropping in google search’s rankings. Meanwhile, my blog has been weird too. Some of my readers are signed up for email alerts when I post. Lately those alerts have sometimes been sent to my reader’s spam boxes.

I think the issue may have something to do with the fact that both my blog and my business website need some sort of additional security measure. They are showing up with this warning:

So I decided to try and fix the problem. I’ve never taken any website courses and am completely self-taught. Except I’m not so much self-taught as I am “blindly google until I find something to try.”

I googled, and found something that made it look to me like I just needed to change something in my settings. So that’s what I did. I simply put an “s” on the end of “http” in both of these boxes.

Huge mistake!!! Generally when you change your settings and you don’t like the result, you can simply change it back again.

Except not this time. I changed my settings, hit save, and immediately I was locked out of my dashboard. I couldn’t access my website at all! All I wanted to do was change my settings back to how they were, but I couldn’t get in. My website dashboard (and the site itself) showed a 404 error.

Then I realized I probably should have installed a certificate first. In hindsight it seems pretty dumb to think I could just change my url and be done. But that’s what the internet said! (lol)

So how do I install a certificate? I figured a good place to start would be the server that hosts my websites. The server dashboard looks fairly user-friendly with all these cheerful icons.

But the user-friendly facade disappears as soon as you click on one. I decided what I needed would either be under “Certificates” or “Install and Manage SSL for your site (HTTPS).

I found a place where it looked like I could update my certificate.

Note that immediately above “update certificate” there is an option to “uninstall”. I mistakenly clicked that and very nearly deleted my blog. It gave me one of those “are you sure?” type of prompts and I’m like, cancel! Cancel!!!

Having to be my own IT team is one of the most stressful things about running my own business (I’m using this blog as an example, but my business website currently has the same “Not Secure” issue as this blog).

I tried (twice) to update my certificate, but it didn’t actually do anything. Maybe I don’t have a certificate to update? How do I get one? I realized I would have to call my server for help. It was 10:30 at night, a couple of days before Christmas, so I knew I’d be on my own for awhile. And meanwhile, I wanted my blog back up! Could I at least fix the damage I’d done?

I decided to try to see if there was a way to remove the offending “s” from the http. My website would still show up as “Not Secure”, but at least it would show up.

I googled again, and found some instructions. This time it involved posting code into a file. This sounded to me like far more dangerous than simply changing my settings in my dashboard. And look what that got me – a broken site! So messing with the code sounded pretty risky to me.

The first set of instructions says to access my site via ftp, which I don’t know how to do.

However, I do know how to access my files by logging into the server. Maybe that’s the same as ftp. Or maybe not. Who knows.

The next set of instructions said to edit my “wp_config.php” file. Could I even find the file? If so, did I dare edit it?

It said to take those two lines of “define” code, change “example” to the name of my site, and insert it into a specific spot in my “wp_config.php”.

I took all these screenshots so I could explain later to a customer service agent all the dumb stuff I did that took my websites down. As much as I love this blog, I was mostly terrified that I’d accidentally take down my business website. I’m a life coach and I often get a lot of my new business around the new year, as people are looking forward and making resolutions.

Here’s the instructions for where the code needed inserted.

Next step was to find my “wp_config.php” file. I went back to the page with all the icons, and clicked on “file manager.” Yep, there they were, all my files. I have several websites (two in active use and several abandoned), and they are all nested underneath my original website, so it was confusing and hard to tell which files went with which website. But finally I decided I had identified the correct “wp_config.php” file.

See it there, fourth from the bottom? “wp” stands for WordPress, which is the software my sites use, and “config” presumably stands for “configure.” I right-clicked on the file and got this reassuring message (not).

Not at all reassuring! However, I was determined to try. I hit “edit” and saw my code. Yep, there’s the spot where I was supposed to do the insertion. I pasted in the new code and hit save.

And my website came back! Yay!!!

It’s still “Not Secure”. I’ll have to deal with that after Christmas. So I didn’t actually achieve anything. All that work was just to get back to where I started before I accidentally took my website down!