Just as I was about to settle in for the holiday weekend, I received an email from a client with a screenshot of their website – “Reported Site Attack. This site may harm your computer.” Soon I received more websites with warnings. Before I knew it dozens of websites on my server were infected.
It turns out it a vulnerability in outdated WordPress versions had opened these websites up to the attack. After realizing that some websites were beyond simple repair, I hired the security company Sucuri to help manage the repair process. Together we spent hours repairing files, deleting outdated plugins and restoring websites back to working order.
What have I learned over the last week? Lots!
1- It is critical to make the updates released by WordPress. This includes updating all plugins.
2- Delete plugins that are not in use. This minimizes the number of directories and files that can be infected if malware spreads.
3- Protect every website with a security monitoring service, such as Sucuri. Having extra eyes on your website at all times will help you catch the problem faster and address it before it spreads too far.
4- Use strong passwords and change them frequently. I recommend using the strength indicator within WordPress to ensure you have a “strong” password.
5- Owning a small business has great rewards, but it also means sacrificing holidays when issues like this arise. Worth it? Definitely!
Author: Jennifer Sanderson
I take the frustration out of managing your WordPress website so you can focus on growing your business. My unique approach to website maintenance means you get dedicated one-on-one attention to your website without the cost of a full time employee. Learn More About the Blue Duck Difference