If you need help with malware, order that service here. If you’re looking for information, read on:
Do any of the following scenarios sound familiar to you? If so, I think we can find an answer.
1. My readers have let me know that when they click on my site they get a message saying I have a virus. What can I do?
2. What’s wrong? Does this mean I have a virus?!?!
3. Google has blasted my site with the big red warning screen – I’m panicking!! What do I do?
4. How can this happen!?!?
WordPress Security vs. The Bad Guys
Imagine a huge plate of spaghetti noodles piled high on a serving platter. For our illustration that will represent the internet.
“Malware” is simply anything that does harm to your particular noodle.
Malware is not looking for your noodle in particular. It is simply looking for any website with a vulnerability.
My point is that it isn’t personal – this is not a targeted attack destined to do your noodle damage, although it can feel like it.
Is WordPress Secure?
If a celebrity gets a cold we all need to know about it. If you or I catch a cold, it isn’t really news worthy. Somehow, the more popular you are, the more gratifying it is to find your weaknesses. The same is true for WordPress – it is insanely popular. So there are some who find it somehow entertaining to challenge the security of it.
On the flipside, because it is so huge, and because WordPress is ‘open source’, it’s backed by 100’s of developers and 1,000’s of contributors all making it better and more secure by the day.
Literally – by the day. It’s mind-boggling.
So is it secure? I see it like a race. Just as fast as the evil minions can come up with malware, WordPress is fighting to become impenetrable. And yes, I’m betting on WordPress and a few best practices: see below.
Back Doors: escaping unscathed
Have you seen the movies with the teenage boy climbing out the top floor window of his girlfriend’s bedroom? It’s dark. A twig snaps. Shortly after, Daddy comes out the front door with a shot gun? We route for the fellow to escape unharmed and true love to prevail. I always picture this scenario when talking about Back Doors. Except we’re not letting an unsung hero escape our bedroom window, we’re letting a virus out and leaving an opening for him later.
Back doors – these are the pieces of code that leave little holes for the malware to come back later. Its essential you get these out of your website.
Best Practices for WordPress Security
Items for your geeky brother/sister/husband/wife: Make sure your computer is secure (use anti-virus software, use 2 if possible). Make sure your network is secure (use a firewall).
Items for you: Passwords need to be changed and random: admin users, FTP users, MYSQL users.
Make sure all your passwords are randomly generated.
Since starting this business almost 10 years ago, I have seen thousands of passwords. Have you heard that most people use passwords like their names, children’s names, birthdays, and words like “adm1n” and “passw0rd”? Let me confirm that that statement is 100% correct! You would not believe the number of insecure passwords I’m given on a daily basis.
Items you might want help with: Make sure your WordPress, Plugins, and Themes are all updated and from reputable sources (use as few as possible). See our WordPress Upgrade Page for details.
78% of malware cases can be attributed to outdated WordPress or plugins! (source)
#1 Tip for WordPress Security
Let us monitor, upgrade, backup and secure your site. Plus have a geeky girlfriend available any time you need answers! Check out our full VIP service here.