Put your trust in these folks; they ROCK!

A few weeks ago, it was discovered that a client site we didn’t build or maintain had been hacked badly. All nav links were changed to spam links in addition to a missing home page and scrambled content. To make matters worse, the client was several major rev levels behind on the WordPress core files as well as all of the plugins. The only exceptions were the plugins that had been deprecated but still in use.

What also didn’t know was that the site had been hacked at least three years ago, so ALL of the backups available to us were useless as they were already infected.

We worked with Marco and Paolo from the Wordfence Malware cleanup team (KUDOS to these guys; they were great!) were really on the case for us. They identified and cleaned up every piece of malware that had deeply infected multiple site pages. Everything that could be updated was and the usual changes like deleting old and creating new administrator accounts, SFTP & WPDB passwords, salts, etc., etc., and then immediately made a full Updraft Plus backup of the website. We also did a complete file by file backup plus a WP content export of all pages, posts, etc.

So we knew that if the site got hacked again, at least we’d have a known good base level backup we could restore from.

The only remaining problem was that the cheap free theme the client used to build their site had long been abandoned by the author/developer (more than 5 years ago!) and so that vulnerability was still existent.

Sure enough, after the fully cleaned site went back online, we saw a huge spike in brute force attacks using previous administrator usernames, and XSS (and other) attacks. So, it became clear that the old crew, who probably originally hack the site in the first place, wanted back in.

Wordfence Professional (a one year Pro license is included in the malware cleanup cost!) to the rescue. Since the vast majority of attack attempts originated from foreign IPs, we just turned on the blocking of the login page from EVERY country except the USA. Brute force attacks dropped to a mere trickle – and the realtime Wordfence Firewall rules protect the site from the XSS (and other) attacks. We’re happy to report that the site is still up and running! We closely monitor the daily Wordfence can reports (mostly clean except for deprecated plugins still in use and the abandoned theme) but we know that behind the scenes, the good folks at Wordfence have our backs by providing 24×7 champagne quality protection for a beer budget cost.

If you rely on your website, even the slightest bit, or have clients who rely on you to protect their websites, their reputations, and the security and safety of their site guests, Wordfence is a no-brainer.

Hell, it’s practically negligence not having the Wordfence plugin installed and properly configured!