Some of you noticed that Remodel Blog was off-line for nearly a week, with Google’s security warning popping up for many visitors. While I never thought it would happen, Remodel Blog was hit by malicious code. I decided to describe this event so other business owners can learn from what happened to us, and what you can do to get your site up and running again in no time flat.
How did malware enter the site?
I still do not have a definitive answer. Our web host, a large and well-respected company, sent word a few weeks ago that malware had been found in their systems. So those could have been the culprit. However, we also updated many plugins for this site, and sometimes these utilities unknowingly carry an unfriendly payload. And then, of course, there are always possibilities that our user names and passwords were hacked, or that some clever cracker found a vulnerability in WordPress software.
I have some programming experience plus a keen eye for details, so I started looking at WordPress files. In no time flat did I find stuff that did not belong. There also was evidence that the SQL database contained issues, but that was beyond my expertise. In the meantime, it was truly disheartening to watch Remodel Blog sink in Google’s ranking, and to see that awful announcement that “…this site may harm your computer.” Needless to say, I was anxious to either start this blog anew, or hire someone who could repair the damage. Enter Sucuri.net.
During my countless hours of trying to figure out what was going on and how to fix it, I came across many accolades from Sucuri clients. I decided to sign up and try them out. For $89.95 for one site for one year, how could I go wrong?
Sucuri.net rocks! Their site contains a site scanner you can use at no charge, even if you are not a client. Once signed up, they have a WordPress plugin that will monitor your site for potential issues. In any case, I submitted a request to have malware investigated, and by the end of that same day, the site was completely clean, updated to the latest WordPress version, plus they had sent requests on Remodel Blog’s behalf to Google and other companies to review this site and be removed from their blacklists. About ten hours later, Google gave Remodel Blog a clean bill of health and we were back in business.
This entire episode underscores the importance of having a reliable and redundant back-up system and protocol, which I wrote about here. In a future post I will share with you the aftermath of this ordeal, including some helpful links and tips. If you want something you can do right now to protect your blog or web site, here are three worthwhile tasks:
1. Update NOW to the latest version of WordPress and plugins you use. Delete all the ones that are lingering on your site but are not being used.
2. Make a back-up of your site, and also of the database. If you do not know how to go about this, contact your web host.
3. If you have not changed passwords in a long time, or if you use the same password for several different programs, change them now. In my next post, I will include a great link that explains poor passwords vs great ones.
Has your site been hacked or infected? Please share what happened and how you recovered.