[SOLVED] Solution to a hacked WordPress site

It’s very easy for a WordPress site to get infected with a virus (get hacked). Here are some of the symptoms:

  • Some of the pages will redirect to a malware site and cause your site’s reputation to go down
  • A large amount of SPAM will be sent from your site, getting your server’s IP address blacklisted
  • Your site can be defaced or some content will get removed
  • Some plugins might stop working or will get deactivated
  • Lots of PHP errors like: “Cannot add header information – headers already sent”
  • Back-end might stop working or the entire site will display a blank page

Tracking these down and fixing them can be very time-consuming, and in a lot of cases a restore from a backup is needed. The problem with that is that you will still be vulnerable and have no idea how the virus got in.

So, is there a way to combat these effectively or even eradicate them completely? The answer is yes but let’s first take a look at some issues with current antiviruses and scanners.

All currently existing scanners only look for viruses and do not protect against getting infected. Also, not all viruses or threats are detected, as scanners go by signatures and it’s impossible to always have a complete list of those. For example, a virus can be inserted in this format: “eval($_POST['any_php_code'])” and a security scanner will not see it, as this is very similar to regular WordPress PHP code. All of this points to how imperfect the scanners are, simply because it’s nearly impossible to account for all possible variations of infections.
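The signature-coverage problem described above, as an added example (not the article's or any scanner vendor's code): an exact-string signature matches only one spelling of the sample, while a whitespace- and case-tolerant heuristic matches more spellings and still cannot cover every variation. The function list, file paths and sample contents are assumptions constructed for the illustration.

```python
import re
from pathlib import Path

# Exact-string signature: the article's example, written with straight quotes.
LITERAL = "eval($_POST['any_php_code'])"

# Heuristic: a code-executing call with a request superglobal inside the same
# statement, ignoring case and whitespace. The function list is an assumption
# chosen for this example, not a complete rule set.
EXEC_ON_INPUT = re.compile(
    r"\b(?:eval|assert|system|passthru|shell_exec)\s*\([^;]*?"
    r"\$_(?:POST|GET|REQUEST|COOKIE)\b",
    re.IGNORECASE,
)

# Constructed sample files (path -> contents); not taken from a real site.
SAMPLES = {
    "wp-content/uploads/cache.php": "<?php eval($_POST['any_php_code']); ?>",
    "wp-content/themes/example/footer.php": '<?php\n  EVAL ( $_REQUEST ["c"] ) ;\n',
    "wp-includes/example-clean.php": "<?php $t = sanitize_text_field($_POST['title']);",
}

def literal_hits(files):
    """Paths whose contents contain the exact signature string."""
    return sorted(path for path, src in files.items() if LITERAL in src)

def heuristic_hits(files):
    """(path, line) of each statement that passes request input to an exec call."""
    hits = []
    for path, src in files.items():
        for m in EXEC_ON_INPUT.finditer(src):
            hits.append((path, src.count("\n", 0, m.start()) + 1))
    return sorted(hits)

def load_tree(root):
    """Read every *.php file under root into the same path -> contents mapping."""
    return {str(p): p.read_text(errors="replace")
            for p in Path(root).rglob("*.php")}

if __name__ == "__main__":
    print("literal  :", literal_hits(SAMPLES))
    print("heuristic:", heuristic_hits(SAMPLES))
```

To run the heuristic over a real install, pass `load_tree("/path/to/site")` to `heuristic_hits` and review every hit by hand; a match is a lead, not a verdict.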

The solution we created prevents any further viruses from being introduced and keeps current ones from spreading. Once that’s done, any scanner can be used to identify and remove the infected files, but even if anything gets missed it’s not a big deal, as the viruses will not spread and will be under control.

Our solution is a plugin that works securely within our environment and lets you lock/unlock various parts of a WordPress site. The screenshot below shows the settings of the plugin.

[Screenshot: Secure Lockdown WordPress settings]

After the protection is in place no future infections will happen and you can safely scan your site and remove any virus-like files. When moving to one of our annual packages we will be happy to assist you with your infected site and get it cleaned and protected. Happy sailing!

 

How to have a stable site without viruses or spam.

The most common point of failure for new sites is their susceptibility to spam, denial of service attacks and code vulnerabilities. What are the necessary steps to take to avoid all these?

Control Your Traffic

First and foremost, there needs to be protection against the evil scripts that constantly scan sites looking for security holes. This is the traffic that directly hits your site. The best way to implement this type of protection is to scan traffic before it hits your site. This can only be done by using a proxy service at the DNS level. It can be a separate VPS or cloud box without many resources that scans your traffic and then redirects it to your main site. We use CloudFlare to relay traffic to our sites. Not all hosting providers support it, as it requires some preliminary setup, but we have set up all our servers to fully utilize it. CloudFlare manages all DNS requests coming to your site, uses blacklists of dangerous IP addresses to block requests from them, and caches images and scripts to save your bandwidth.

In addition, it’s important to have a script or plugin for your site’s software that can tell real visitors apart from bots that are just snooping around. It should also be smart enough not to block any legitimate search engine scans. We have developed a Protection Against DDoS plugin for WordPress that does just that and does it well, and we eagerly share it with our customers and partners.
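One common way to avoid blocking legitimate search engine scans, shown as an added example (not the code of the plugin mentioned above): a request whose User-Agent claims to be a search engine crawler is trusted only if its IP address has a reverse DNS name in that engine's domain and the name resolves back to the same IP. The DNS records and addresses below are constructed so the example runs offline; `fake_reverse` and `demo` are hypothetical helper names.

```python
import socket

# Reverse-DNS suffixes the search engines publish for their crawlers.
CRAWLER_SUFFIXES = {
    "googlebot": (".googlebot.com", ".google.com"),
    "bingbot": (".search.msn.com",),
}

def dns_reverse(ip):
    """PTR lookup: IP address -> host name."""
    return socket.gethostbyaddr(ip)[0]

def dns_forward(host):
    """A/AAAA lookup: host name -> set of IP address strings."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def classify(ip, user_agent, reverse=dns_reverse, forward=dns_forward):
    """Return 'visitor', 'verified-crawler' or 'unverified-crawler'."""
    ua = user_agent.lower()
    name = next((n for n in CRAWLER_SUFFIXES if n in ua), None)
    if name is None:
        return "visitor"  # no crawler claim; normal bot checks apply
    try:
        host = reverse(ip).rstrip(".").lower()
        if not host.endswith(CRAWLER_SUFFIXES[name]):
            return "unverified-crawler"  # PTR outside the engine's domains
        # Forward-confirm: the PTR name must resolve back to the same IP.
        return "verified-crawler" if ip in forward(host) else "unverified-crawler"
    except OSError:  # no PTR record, or the lookup failed
        return "unverified-crawler"

# Constructed DNS records (documentation address ranges) for an offline demo.
PTR = {
    "192.0.2.10": "crawl-192-0-2-10.googlebot.com",   # PTR and A agree
    "198.51.100.7": "host7.example.net",              # PTR in another domain
    "203.0.113.5": "crawl-1.googlebot.com",           # PTR not confirmed by A
}
A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"},
     "host7.example.net": {"198.51.100.7"},
     "crawl-1.googlebot.com": {"192.0.2.99"}}

def fake_reverse(ip):
    if ip not in PTR:
        raise socket.herror("no PTR record")  # what gethostbyaddr raises
    return PTR[ip]

def demo(ip, user_agent):
    """classify() against the constructed records instead of live DNS."""
    return classify(ip, user_agent, fake_reverse, lambda h: A.get(h, set()))
```

Calling `classify(ip, user_agent)` without the last two arguments performs live DNS lookups; cache the result per IP, since the lookups are slow compared with serving a page.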

Keep Your Software Updated

With the latest versions of WordPress in particular, it’s very easy to set up automatic updates of the WordPress application as well as all of the plugins. If you haven’t done any customization work to your plugins or your theme, this is a must-have feature. Enable it as quickly as you can. There are services on the Internet that let you manage multiple sites from one location and set up automatic updates too. We are currently developing our own plugin that would allow smooth upgrades even if some customization was done to plugins.

Disable and Outsource All Email Services 

If you have your emails on the same server your website is on, you will have issues! It’s just a matter of time. There are so many regulations about how emails should be sent and how bounced or unsolicited emails should be handled that it would require a long process to make everything work perfectly. Therefore, it’s better not to have your emails on the same server where your website is. There are two parts to it:

1 – Emails that are sent from your site

2 – Emails that you connect to from an email program or webmail

Everything your site sends can be overwhelming, but if you relay that through a service like Mandrill you will be able to actually see what goes out (they have very nice reports) and make the necessary adjustments.

As far as regular emails go, use services like Gmail or Outlook (although they are pretty expensive) or our dedicated email service. Most providers have email services enabled by default, so you will have to ask them to disable them for you and help you set up the ones described above.

Disable Comments on Your Site

Replace comments on your site with Facebook comments or disable them completely if you don’t need them.

Use Strong Passwords

Some online attacks can successfully guess your passwords if they are weak. We have covered this in our Creating Strong Passwords and Avoiding Weak Ones article.

Scan Your Computers for Viruses

This is the most common reason why your account would get hacked. Some viruses have abilities to log in with your passwords and then do whatever they need to do to your account to compromise it. Prevent this by using very strong AntiVirus software like Kaspersky Antivirus.

How to install WordPress by hand or manually

Even though installing WordPress is easy, sometimes things don’t go the way you expected. This primarily depends on where you install it. Where can you possibly install WordPress? It can be on your Mac, web hosting account, cloud, VPS or a dedicated server. So the environment can vary greatly, from a Windows box to any flavor of Linux or Unix. This article doesn’t cover auto-installers, which can be time-savers but are harder to troubleshoot if things go wrong. No matter where you are going to install WordPress, the following guidelines will always apply:

  • A database has to be set up (created first) – How to create cpanel database
  • WordPress files have to be copied to your environment and expanded
  • The WordPress installation script will have to be run from your web browser

These three steps are a must and if followed correctly will result in a working WordPress site. You will have to configure it after that but that’s where WP Simplify and WP SiteBuilder come into play.

WP customization