Most of us know, by now, to clear cache and restart the browser, after updating a blog, for consistent testing. Some folks know that blog security changes don't always take complete and immediate effect.
Recently, we're seeing a new effect, reported by owners of Blogger accounts locked, after hacking activity is detected.
I got a message mentioning suspicious account activity, when I logged in to Blogger. I provided my phone number, and I received a code on my phone, that I had to enter before I could then log in. My blog was working fine just after I logged in. A short while later, though, it was gone. Why was my blog deleted, because I unlocked my account?This blog owner is just slightly confused, about the cause and effect here.
Google robotic processes are constantly monitoring account login activity, and watching for signs of hacking activity, such as brute force password entry.
Hacking Cannot Be Detected, Immediately.
When hacking is detected, the detection may not be immediate - so Google protects us by considering the possibility that the hacking could have been successful, and deletes or locks blogs owned by the account under attack. The blogs in question are taken offline, immediately, when hacking is detected.
When a blog is taken offline, blog content may be found in cache.
If a blog owner has just been working on a blog, as is frequently the case, the blog contents will be cached somewhere between the owner and the Blogger servers. Blogger can take the blogs offline, on their servers - but any cache containing the blogs will remain. If the blog owner is working on a blog while the Blogger account is under attack, what's in cache will remain, visible to the owner, until cache expires.
If a Blogger account is attacked, and the attack is detected, shortly after the owner has viewed a blog, what's in cache will be used, until it expires. The owner won't see the effects of the blog being deleted until the cache expires, and the browser tries to retrieve a fresh copy from the Blogger servers.
As cache expires later, the blog owner sees the blog go offline.
The blog owner sees the blog go offline shortly after he verifies account ownership, and thinks that the verification process caused the blog to go offline. In reality, the blog was taken offline before the owner even knew of "suspicious" account activity.
The blog owner has to wait, while the blogs are examined for hacker changes.
Now, the blog owner can do nothing, except wait until the account and the blogs are examined for signs of tampering. In some cases, no notification of progress will be received - and the owner will see the blog(s) returned to service, sometime later.
How much later the blogs return to service will vary widely, depending upon several details - and this variation, added to the uncertainty caused by cache latency, leads to mystery. And less attentive owners may take the delay as revenge, by Blogger, for their lack of attention to their blog(s).
Browser Cache, And Confusion About Blogs Locked After Suspected Account Hacking
Browser Cache, And Blogs Locked After Hacking