My blog just disappeared from my dashboard - and no, it's not listed under "Deleted blogs"!
When the owner mentions the notice about "suspicious" / "unusual" account activity, or having unlocked the account (by solving a CAPTCHA, receiving a phone message, changing the password) - and is advised to wait "24 to 48 hours" - many ask the obvious.
Is "24 to 48 hours" really accurate?
In reality, the legendary "24 to 48" hour time period is only a ball park figure - and both Blogger / Google, and the blog owner, contribute to the uncertainty.
The well known advice to "Wait 24 to 48 hours", after a Blogger account is locked for suspected hacking activity, is only an estimation of the waiting time, which the owner may have to endure.
Account / Blog integrity verification will, regrettably, take several days.
This is an unavoidable side effect, in account / blog integrity verification.
There are several factors which can contribute to the accuracy of "24 to 48 hours" (which maybe should be stated as "one to two business days").
- Availability of essential Blogger / Google personnel.
- Current hacking activity level, and ongoing Blogger / Google workload.
- Blog content, which complicates hacking payload analysis.
Only the blog owner knows the details of the correct blog content.
We've referenced the first two factors (personnel, and hacking activity level) in the well known Blogger FAQ How long will it take?. The third involves detail which only the blog owner can provide. Many blog owners contribute to this uncertainty, in the development of their blogs.
Hackers add their own blog content - when temporarily undetected.
There are several types of content, which hackers like to add, to blogs temporarily under their control.
- Advertising - and similar shiny accessories.
- Custom code - and various template tweaks.
- Links to other blogs - and to websites outside Google address space.
- Team memberships - and multiple blog owners.
All of these features, also added by the owner - and allowed (and encouraged) by Blogger - can require extra effort as a blog is validated, after detected hacking activity.
Security experts have to look for hacker added content - and this takes time.
Blogger / Google security experts, in examining an account / blog, must look for features possibly added by the hacker. Security experts have no immediate knowledge what was added by the owner, long ago - as opposed to by a hacker, more recently.
Any advertising, custom code, external links, or team memberships, intentionally added by the owner, will contribute to time spent validating blog integrity.
- Leave a setting or tweak added by the hacker - and the blog remains a security risk, when returned to service.
- Remove a setting or tweak added by a blog owner - and the blog becomes broken, when returned to service.
Neither is desired, by the blog owners - nor by Blogger / Google.
The more custom content, added by the owner, the longer verification takes.
More accessories and tweaks == more time spent by security experts == more time the blog remains offline, while the owner waits in uncertainty.
This uncertainty, added to delayed deletion caused by cache latency, leads to mystery.
All of this brings to mind the old adage.
KISSKeep it simple, stupid.