Please read to the end!
I recommend a Security Plugin to all of my clients for their WordPress websites, and I have it on my own sites to protect from malicious activity. As we know, the plugin doesn’t offer 100% security and I got hacked! I want to share my experience with you and tell you about a stronger option than the plugin for your WordPress site. I want to help PREVENT this from happening to you. (I spent 4 hours fixing the problem and lost my email for 2 days because of other complications.) For additional protection, I chose SiteLock and they are just one such company that offers this service, you can use whoever you’d like. SiteLock is a partner with BlueHost (who I recommend for hosting) and therefore, a company I felt I could trust to get me out of my immediate situation of having ALL of my websites go down from the Internet at once.
‘Malware’ (A word created from combining Malicious + Software)
is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. When your site has malware, it might go down, or it might automatically refer users to another site, a “not good” site if you get my drift.
My emergency started on June 7, thankfully I was in the office and able to work on this immediately when I got the notification. Here’s what happened to me.
12:37pm I get an email from BlueHost saying my BlueHost account has been deactivated because BlueHost detected Malware on my account. I call BlueHost immediately to find out what happened. I am referred to SiteLock, their partner that provides security services. After an hour on the phone with the technician, he explains my website was infiltrated and once into a site on the server, they got into ALL of my sites. I set up an account to get moving towards repair. He explains two services, one to scan my site and find the malware and one to actually REMOVE the malware. I need help with this, I can’t detect malicious code behind the scenes on my sites, I don’t read code. We set up the account and he submits a ticket to get 2 of my websites scanned and cleaned.
He transfers me back to BlueHost and they walk me through how to delete the WordPress installation and all the files on 4 other sites I own that are partially developed, just ideas we were working on, but not launched to the public. Bad news though, I had tell my daughter that the website I made for her so she could sell her photo note cards has to be deleted now too because she doesn’t make enough profit monthly to cover the cost of the scanning to clean it and protection moving forward. 🙁 (We made a commitment to check on other distribution methods – another business teaching moment for her.)
2:41pm I get an email from SiteLock saying that my sites are now clean, they removed the malware. THANK YOU! I thought that was fast service. Luckily BlueHost deactivated my account before my site was blacklisted by Google, which is another story about getting that resolved and the consequences of being blacklisted.
2:47pm I get another email from SiteLock saying that SiteLock has successfully configured SMART (Secure Malware Alert & Removal Tool) on my websites.
3:09pm SiteLock sends me an email saying they have successfully configured TrueShield (Web Application Firewall) to my websites. Thank you SiteLock! Whew! This could have been so much worse! I am so glad it got caught when it did.
3:18pm I check my sites and they are still down, my BlueHost account is still deactivated. I am now on the last step, still keeping my cool and using all the patience I have. I call BlueHost and alert them that all sites have either been deleted or fixed so they can reinstate my site. They run their own scan to confirm it’s safe and reactivate my account. Then, I start the process of changing passwords on all websites and my BlueHost account as recommended.
I think to myself, WOW…that was too close for comfort! I want to alert all of my current and past clients of what happened to me and how they can hopefully prevent it from happening to them. I think of it like insurance. If you want to pay a fee to prevent problems with your website or blog, and it effecting even more like your computer, then read on. If you want to take the risk and only treat the problem if/when you get it, you can do that too, but still read on because there is extra preventative advice at the end that I share from SiteLock.
I Negotiated a Discount For You
I called SiteLock back after everything was fixed and explained that I have many clients that might want their services too. I spoke with KIMBERLY. Because I explained I would refer numerous clients to SiteLock because they did such a fast and complete job, she offered a discount, but you need to call her directly for the discount. I get no kick-back, no incentive for referring to them, it’s just a discount that they agreed to offer to my clients. And you don’t need to choose this company, you can research your options yourself, just don’t wait to do it!
Malware creation has broken new levels. With 160,000 new malware strains detected every day (and growing), millions of websites are vulnerable. SiteLock scans over 5 million websites every day for malware and vulnerabilities. Their website scanning tools evaluate your website both from the outside-in and the inside-out to fully analyze your website or blog.
Here is Kimberly’s offer:
SecureSpeed Plan – $45/month with a 6 month agreement. (Regular $79/month)
What it includes:
SiteLock Premium Scanner scans your website for malware and utilizes SMART (Secure Malware Automatic Removal Tool) to help automatically remove 95% of the known malware in our database. On top of that we perform daily vulnerability scans where we replicate techniques used by hackers to test the website to see if there are any issues with vulnerabilities.
SiteLock Premium Firewall proactively protects websites against malicious bot traffic, and works with sites with SSL’s. It leverages the SiteLock TrueSpeed Global CDN to accelerate website speed by as much as 50% and saves 40-70% bandwidth by caching static & dynamic content using patented intelligent dynamic caching technology. It will also provide you with traffic statistics within your SiteLock Dashboard.
Below is a link to the SiteLock website that describes the plans and here’s an image of the plans. If you don’t currently have malware, then you can sign up for the SecureSpeed. Since I got infected and needed to get the malware removed, I signed up for the SecureSite plan. This cost is per website/domain. If you have more than one website or blog, you will want protection for each one. If you own 3-5 sites they have a discounted offer. Again, call Kimberly directly for the discounted amount.
https://www.sitelock.com/plans.php
If you would like to call Kimberly and ask questions, you can reach her at her direct line 480-725-9248 anytime between 6:00AM and 2:30PM Arizona time. She works Monday through Friday.
After my websites got cleaned I got this notification, read the PREVENTATIVE measures you can take:
Dear Michelle Aspelin,
We have successfully configured SMART (Secure Malware Alert & Removal Tool) on your website.
How does SiteLock protect me?
The SMART scan takes a comprehensive look at the surface of your website from the outside-in, as well as the files on the back-end from the inside-out, to detect hidden malware. If any website malware is detected, the automated tool quickly removes it so that your website does not become blacklisted or incur any downtime.
SMART ensures that your customers receive a secure experience when visiting your website
Your issue has been resolved and this ticket will be closed. Please feel free to contact us 24/7 at (877) 257-9263, or email support@sitelock.com with any questions or concerns.
How to maintain preventative security for your website, visitors, and data. The most important thing you can do to keep your website safe is play a proactive role in the security of the site.
Passwords
Set a strong password for all your logins: FTP, Admin backend, Database, Host (Plesk, cPanel, etc). It is recommended to have a 7-15 character password, using a number, character and upper case letter. Make sure that you are changing the password at least every 30-90 days as a preventative measure.
Never log in to an account from a link sent via email. This can be a form of a phishing attack.
User Access
It is best to limit the amount of users that have access to your hosting account, passwords and FTP. The more users you create, or share logins, the more at vulnerable you are to security risks and exploits.
Updates
It is critical to make sure that your website is always up to date with the latest software release. It is best to ensure that all plugins, modules, themes, and versions are always up to date. These updates will help prevent known vulnerabilities to the application of the site.
Clean-Up
Set a regular time to run through proper maintenance of the site. Remove all old coding, unused user/FTP accounts, and unused files. Make sure to never leave a back-up of your website on your server, this is a huge target to hackers. Properly maintaining regular clean-up will ensure less vulnerability to security risks and exploits.
Sincerely,
The SiteLock Team
Phone: 877-257-9263
Email: support@sitelock.com
So, if you’d like to try to prevent malware issues, I recommend you call KIMBERLY directly and set up an account with SiteLock.
Remember to keep your WordPress version and all plugins updated and make your passwords complex!