By John Eberhard
I recently had three client websites get hacked. That means someone managed to log into my client’s hosting account or their WordPress account, and put their own (the hacker’s) content there, or put malware there. According to Google, this is done by people to somehow make money. I’m not sure how they make money from this but apparently they do.
There are several bad effects that can be caused by this:
- The site could now show other content, not your content
- The site could be taken down by your hosting company because they detect malware on it
- When someone searches for your site by company name, Google will put a notice there saying the site is probably hacked
- When someone searches for your site on a search engine, they could see Japanese characters or other content
- Malicious malware hidden inside the files of your website
- Your hosting company taking down your site because of "excessive CPU usage" caused by the hackers
Obviously this is an emergency when this happens, so I had to take fast action to handle the hacking on these sites. Because any benefit the client is getting from their website will be reduced or eliminated while this is happening.
There are several actions one can take to prevent this from happening, or to handle it if it does happen.
The first thing one should do to prevent this is to set up an automated backup of your site. With WordPress sites, there are backup plugins one can install that do an automated backup of the site database, and email it to an email that you specify. I set them up to backup once a week and I have set up a Gmail account for all my client backups.
This way, if the hackers take down your site completely, you can restore it from the backup file. A couple months ago, a client’s site was hacked and all his content taken down and other content put up. My having the backup file allowed me to restore his content to the site.
I have started using the free Sucuri Security Auditing, Malware Scanning and Security Hardening WordPress plugin, and have installed it on all my client sites where they are on a monthly marketing retainer with me.
One of the things that this plugin does is it sends you an email notification when someone tries to log in to your WordPress account and fails. Amazingly, I am getting in the neighborhood of 40-60 of these notifications per day, for all my client websites where I have installed this plugin. That means that hackers are VERY active in trying to hack into sites everywhere. If you don’t have this plugin or a similar service, you could have people trying to hack into your site and not know about it.
One other thing that is important is to keep your version of WordPress and the versions of all your plugins updated to the latest version.
Restoring a Hacked Site
On two recent site hackings, I installed the Sucuri Complete Website Security and Malware Removal service on the sites. Unlike the free plugin this is a paid service – $300 per year. This service includes:
- Malware & Infection Removal
- Website Hack Repairs
- Google Blacklist Removal
- Google Warning Removals
- Brand Reputation Monitoring
- Malware Analysis & Research
- Prevent Future Website Hacks
I don’t usually pitch services in my newsletter but this service totally handled the two recent hacking incidents, including getting rid of the malware, and getting the Google “your site may be hacked” message down. I think this is important enough to let people know about a good solution I have found.
I recommend all website owners take some steps to prevent hacking. If the site is a WordPress site, update versions, set up weekly backups, and install the free Sucuri plugin. If you routinely make money from your site, it is totally worth it to set up the Sucuri paid service.