Adventures With WordPress Malware

Let’s first put this into perspective. I am barely competent to maintain a WordPress site. If anything needs to be addressed that goes beyond my site dashboards … I am toast. Recent events elevated my status to that of burnt toast. For those of you who know me or who have visited this site before … I’m a salesman and I don’t do no stinkin’ tech work.

Now, I am well aware of the dangers of internet viruses and malware and have strong applications installed on my computer to monitor, block, and remove these nasty beasties. I use strong passwords and two-step logins where appropriate. It never occurred to me that my websites might be vulnerable to these same attacks.

I had ass/u/med that my web hosting company would provide these protections. After all, if this crapware infects my websites … it is on their servers. Well, I would be wrong and you might want to check with your hosting provider. My first alert to these issues was quite accidental. I was experiencing a problem that was affecting both of my sites identically.[Tweet “Read about my adventures with WordPress malware!”]

I might be stupid but, I’m not all stupid and this behavior led me to believe that a common plugin might be the issue and … I believe it was. Still, while poking around trying to figure this all out, I noticed some random coding in my theme files. None of it seemed to make any sense so I interpreted this to be some kind of system hiccup.

Mind you, both sites were seemingly working fine. I did have a friend clean that up on the one site and then I decided that I didn’t want to use that theme any longer so I replaced it. I was pretty pleased with myself as I figured that this would completely remove the problem.

About a month later, I was notified by Hostgator that malware was discovered on my other site and that a file had been quarantined. Everything still worked so, while I had some concern … I didn’t act right away. Then it happened again. Now I had to do something about it.

Hostgator referred me to SiteLock. They were extremely easy to work with but, they don’t come cheap. That is not too say that they are not priced competitively. If I were a real business, they would be quite reasonable but, I’m not. I explained to the gentleman that I am semi-retired and that this was more of a hobby for me than anything and that I was not willing to surrender my first born as a part of their fees.

We finally settled on a price for an initial cleanup along with six months of their basic monitoring (you can spend more) and they got right on it and the work was completed well ahead of my expectations. As this is such a rarity these days … I was quite pleased despite the fees. They informed me that they had cleaned close to 400 infected files. 400!!?? Good grief!

This got me to thinking. My other site had never been tagged by Hostgator for having infected files but … was there any good reason for me to believe that it might not be equally disease ridden? Probably not. I decided to do a little research on my own to see if I could find that out for myself.

At one time I had looked at a plugin called Wordfence but had decided that it was way to complex for me to figure out let alone manage. This is a free plugin but, it does have a premium version. I decided to install the free version and to manually run a scan. Dohhhhh! Something like 80 infected files were identified. Now what?

I did a little more research on Wordfence and I came to find out that they not only offered a premium service … they could also perform an initial cleanup and these two options were available for substantially less than SiteLock. They met my budget and I was able to keep my first born. Done!

I wish that I could say that they were as easy to get started with as SiteLock. For one thing, they have no phone number and, while I’m pretty good at research, I never did find one. Everything is done via email and their response time was not to my expectations … especially when they already had my money.

When we did connect, I was told that I had four sites (one was a development site and another had since been shut down) and that they needed to clean all four sites in order to ensure against cross-infection-pollination. I could understand that however, my one other site was currently under contract with SiteLock and I had paid some good money for that and to have it cleaned. I removed the other two sites.

The good news is that the folks at Wordfence inspected my SiteLock monitored site and found it to be clean and were now willing to service the one website only. Now, I had expected that they might look at that site but, I was fully anticipating a cluster storm when they told me … “that site ain’t cleaned” so, I give them high marks for honesty!

Honesty means a lot to me and Wordfence’s honesty went a long way toward assuaging my concerns regarding their response times. They performed the work as promised and exceeded my expectations in this area (100’s of files were cleaned). They also provided strong written suggestions for other things that I needed to do in order to better lock down my site. Now I will need to figure out how to manage their interface and we will see how that goes. It’s above my pay grade but, I’ll learn … somehow.

The next six months will be interesting as, at that time, one of these two services will have both of my sites. Certainly, I have a budget but … my budget is not based on dollars alone. I am willing to pay more if the value is there to warrant it. My gut feeling is that both services will perform well. Aside from price, Wordfence is a plugin and it is largely do-it-yourself other than they do include premium support and have indicated a willingness to help.

I have already requested Wordfence’s assistance in regard to some clarifications and they have responded quite quickly. The plugin has a ton of option check boxes but, it does come pre-configured with recommended settings. SiteLock resides outside of your website interface and it is largely … you don’t really have to do anything. Certainly, for someone like me, that does hold appeal.

So, if you are thinking that your WordPress site does not need protection … you might think again. I have been educated of the perils and the fact that there are ugly little bots scurrying around with one goal in mind … to make us miserable. You have been forewarned.

Craig M. Jamieson
Craig M. Jamieson is a lifelong B2B salesperson, manager, owner, and a networking enthusiast. Adaptive Business Services provides solutions related to the sales professional. We are a Nimble CRM Solution Partner. Craig also conducts training and workshops primarily in social selling and communication skills. Craig is also the author of "The Small Business' Guide to Social CRM", now available on Amazon!
Send this to a friend