Yesterday, we experienced an attack on several WordPress websites due to shared hosting customers not updating a plugin. I can not stress the importance of keeping WordPress and it’s plugins updated. If you can not do this yourself, we do offer a cost-effective service where we will regularly do this for you. For customers not on this service plan, you are responsible for your site’s health. If you do not keep your site updated, you will be suspended and billed for repairs.
We advise ALL users to update WordPress and all plugins IMMEDIATELY.
Here’s the process you should follow:
- Login to your site.
- If your login doesn’t work, click the Forgot Password link to have one issued to you. The hackers likely changed your password.
- Run any updates for WordPress.
- Update all plugins that need it.
- Remove any plugins that you don’t use. The more links in the chain, the more vulnerable your site is.
- Update all themes.
- Deleting any themes you don’t use. Especially the ones WordPress likes to install with each major update.
- Install Wordfence Plugin (if you don’t have this already).
- Activate Wordfence Plugin.
- Configure for maximum security.
If you want to use the settings we use, you can import our settings with this code. But that will send updates to my email address, so please update with your email address after importing those settings.
- Run a scan from Wordfence.
- Did it find issues? Then fix or call us.
- Repeat scan after fixing until you get the all-clear.
- Install Heartbeat Control plugin
- Activate Heartbeat Control plugin
- Reset the password for your account profile. If you log in with a WordPress.com login, you should change your password in both places.
At this point your site should be clean and run better.
If any of this is overwhelming or you need support, please do not hesitate to call us or subscribe to our WordPress Update Service for just 5.00 per month. Failure to not update your site will result in suspension and you are subject to repair costs.
Thank you for taking the time to do this. As always, don’t hesitate to call me for help or if you have questions.