Have you ever had your WordPress website hacked? Chances are very good that at some point in your life it will either happen to you, or you will visit a website that has been hacked.
Most people want to know how to fix it so that it never happens again. The truth is that you can never be 100% sure that you have provided sufficient security to ensure that it never happens to you. My reason for saying that is that hackers, like the devil, never rest. I feel that the security industry evolves because of the hackers and not the other way around.
You are hacked
We recently had to restore a WordPress installation that contained a redirection script inserted into some of the page articles. Because the CMS was an outdated version, our initial thought was that the site had been compromised via a known exploit in the comments component, which was patched in WordPress version 5.1.1, released on 13 March 2019. You always go for the obvious low-hanging fruit and fix that first: update the CMS, themes and plugins and just get the site up and in working order.
Great, now you can start to worry about what else it could be that slammed your site with a baseball bat – similar to a certain scene in The Walking Dead.
As you progress with your investigation you find obvious things, like the website not resolving on an SSL domain (https://) and ZIP archives containing sensitive passwords and information sitting in the root directory, accessible to the public. From here you find that this exposes 3rd party scripts and their locations, which can compromise the database. After fixing all the holes you sit back and have a beer and a smoke and feel proud of yourself… then you hope you didn’t miss something, or that hackers will take some time before finding a new way into your website.
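The two file-level findings above (an outdated core and archives left in the web root) can be checked directly on the server. The sketch below is an added example, not code from the original post: the extension list, the function names and the sample tree are assumptions, and "outdated" here only means older than the 5.1.1 release mentioned above, not "behind the latest release".

```python
import os
import re
import tempfile

# Assumed extensions; the post itself only mentions ZIP archives.
ARCHIVE_EXTS = (".zip", ".tar", ".tar.gz", ".tgz", ".sql", ".bak")
PATCHED = (5, 1, 1)  # the release the post names as carrying the fix
VERSION_RE = re.compile(r"\$wp_version\s*=\s*'(\d+(?:\.\d+)*)")

def read_wp_version(docroot):
    """Return the core version from wp-includes/version.php as a tuple, or None."""
    path = os.path.join(docroot, "wp-includes", "version.php")
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            match = VERSION_RE.search(fh.read())
    except OSError:
        return None
    if match is None:
        return None
    parts = [int(p) for p in match.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # pad 5.1 to (5, 1, 0)

def find_exposed_archives(docroot):
    """List archive and backup files under the docroot, relative to it."""
    hits = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if name.lower().endswith(ARCHIVE_EXTS):
                hits.append(os.path.relpath(os.path.join(dirpath, name), docroot))
    return sorted(hits)

def audit(docroot):
    version = read_wp_version(docroot)
    outdated = version is not None and version < PATCHED  # older than 5.1.1
    return {"version": version, "outdated": outdated,
            "archives": find_exposed_archives(docroot)}

def build_sample_docroot():
    """Constructed sample tree (not real site data) so the example runs offline."""
    root = tempfile.mkdtemp(prefix="wp-audit-")
    os.makedirs(os.path.join(root, "wp-includes"))
    with open(os.path.join(root, "wp-includes", "version.php"), "w") as fh:
        fh.write("<?php\n$wp_version = '5.0.3';\n")
    for name in ("site-backup.zip", "index.php"):
        open(os.path.join(root, name), "w").close()
    return root

if __name__ == "__main__":
    print(audit(build_sample_docroot()))
```

Point `audit()` at the real document root on the server; anything listed under `archives` should be moved out of the web root or deleted.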
What do WordPress website hacks have in common?
Over the last 2 years we have done several fixes for external companies whose WordPress sites had been hacked. To clarify, we consider websites/companies/agencies that do not have a monthly maintenance agreement in place as external.
The common thread once we get into the administrative backend of the site is that everything is outdated: core WordPress files, plugins and themes.
At Brand Barn we have weekly schedules to ensure that the websites we manage and host are up to date. When a WordPress version release comes out we read over the documentation to familiarise ourselves with what changed and why. The same goes for plugins and themes. I can understand that if WordPress development is not your passion you would not have that interest or routine, but at the very least update your website.
When you are making use of any CMS to manage and run your website content, it is important to take notice of the upgrade alerts it provides via the backend and apply those updates as soon as possible. It reduces the chances of your website falling prey to hack attempts and loss of business.
I find that in general people are very quick to blame a CMS for being vulnerable and easy to hack. At the end of the day it is the same as blaming your local petrol station for running out of petrol in the middle of nowhere. Back at the ranch you drove past them twice and felt it wasn’t necessary to fill up your tank. They had petrol and they were even waving you in!!! You just needed to stop and fill up to avoid sitting next to the road in the hot sun waiting for a saviour.
Do not ignore your CMS waving at you to run an update. Protect your website.
The other option is that you can contact us to manage your services on your behalf.