The advantage to WordPress sites is that they are built on open-source software, which allows for all the great plugins and themes that allow you to make your site look and behave the way you want it to. The disadvantage is that is has become so popular that WordPress sites are prime target for hackers. Hackers are typically people trying to target just your site – they write code (software robots or “bots”) that propagate themselves around the internet looking for vulnerable sites. And your WordPress site is such a target.
I spend a lot of time making sure that our customers websites are as secure as possible, but still hackers sometimes get through. Once a site is infected, it may be blacklisted by Google or simply identified with a warning. Removing this blacklisting or warning cantake weeks, even after the threat is removed from your website.
A security compromise can be a very frustrating (and expensive) situation, especially when it is reoccurring. From our experience, a compromise such as this primarily happens because of one of two reasons.
1. The admin user has an extremely poor password like “password1234” which has been guessed by a “bot” or other autonomous password harvesting application. However, occasionally you get a compromise where the passwords are secure, and realistically could not of be guessed by a “bot” without alerting our brute force protection alarms.
2. The more likely cause is that the site owner’s PC is infected with some sort of Malware or Virus. There are many Malware programs out there which
I recently discovered a plugin for WordPress sites that I recommend you install to keep your better protected. It helps to protect your site against most of these problems. Details about the Wordfence Security plugin follow: […]