In the space of a week, I had all 3 of my sites hacked. It has to be one of the most frustrating things especially when you’re at work when you realise and are unable to do anything about it!
This isn’t the first time I’ve been hacked, either.
The type of hack I had was one where the hackers (dicks) put some code on my site that re-directs to a spam site. You know the type of sites that tell you you’ve won a new iPhone?
I was livid.
The first time it happened, I spent most of my Saturday trying to sort it out. Annoying as I had lots of other things to do. It seems so pointless writing new posts for your hacked website. Especially when your host can only offer you a rollback, meaning you’ll lose all content past that point.
I paid one company to sort it out in the end, but I wasn’t happy with the service. There were constant emails back and forth, asking me to ask my host questions via support tickets. The emails did not come across very professional and I felt a bit odd about it all. In the end, I changed my password and didn’t have them complete the service.
I paid a second company and had a better experience. They sorted everything out and then once the site was fixed, they sent a report telling me what problems I had with my now clean site. This site was called siteguarding.com. They also monitor your site for 14 days after – with an option to pay extra to monitor it for longer.
Anyway, following this experience I thought I better clue myself in how to stop this from happening again.
So here’s how to prevent your blog from getting hacked.
Back up your website.
Always have a backup of your site to hand. I cannot even imagine how awful it must be to lose 5 years worth of blog posts.
Security Plugins.
Get yourself a security Plugin to help protect your site. I was recommended Wordfence be my hosting company.
Wordfence has features like a firewall to identify attackers and block them before they access your website, blocks certain usernames and locks out users after too many failed login attempts or who try to use an invalid username. You can scan for malware, view logins and blocked intrusion attempts and more. There is also a premium version that offers a higher level of security.
There are many other security plugins out there, it’s worth researching and reading the reviews of some before committing.
Keep your site up to date.
WordPress is always updating its security, so the latest update often contains fixes to security issues to make it more stable. This is the same for plugins. It might seem like a hassle, but it only takes a couple of minutes to update your website!
Get rid of old plugins.
If you’re using a plugin that hasn’t been updated in over a year, then delete it and find a new one that is updated. It’s likely plugins that aren’t maintained are not stable.
Change your password often.
One of the ways sites are hacked is by using brute force attacks – this is trying many password combinations until the right password is guessed. The more often you change the password, the less likely it is to be guessed.
Use a strong password.
It’s very tempting to use the same password for everything but you can’t get away with doing that anymore! Ensure you have what is classed as a strong password – these are obscure passwords that use a combination of capital letters, small letters, numbers and special characters.
Hope this hopes and hope you never have to go through a hacking like I did!
I really hope they stop hacking your sites now! So frustrating!
Sarah 🙂
That must have been so stressful for you, Corinne! I’d be so sad 🙁 I’m backing up my blog right now, just in case! Tania Michele xx
Thank you for sharing this. I’m sorry you had to go through that.
Getting hacked must be awful! Thanks for sharing these tips! I just remembered it’s been awhile since I last changed my password.
Wow this is super scary. It’s weird because I found that I clicked on someones blog the a few weeks ago and I got this virus thing pop up, it wouldn’t go away and wouldn’t let me close my browser. There was a message playing over my speaker to call a number otherwise they’d stop me from accessing my computer. Proper freaked me out! I eventually managed to close it by spamming task manager and then shut my computer off and have been scared to click on blog posts ever since. Today I’m trying to get back on the horse. I’ve been able to access my computer and I updated Kaspersky, so hopefully everything is good now and that was just designed to scare me.
I’m really sorry to hear that you had to go through it on your own site and it’s happened for.. that’s like a nightmare. I will definitely be taking on some of your tips here. Thanks for sharing your experience, even though it sounds super scary. Hope all is good now. ♥
What a terrible experience you had to spend Corinne! I can not imagine losing the content of my blog, I will take your advice into account.
Good lord, what a horrible experience, Corinne! Thankfully you got it sorted out but damn, that’s scary! I had one blog that did that to me but the blogger sorted it out quick too.
HiCorinne, I am so glad that I found your website! So many helpful tips and hacks! Love what you are doing and again thankful for coming across it. I do have a question for you. What are some ways to back up a website? Is this something your host is responsible for or something that is included when buying a domain? Thanks in advance and happy Friday!
Maureen