
Delousing a website

April 23, 2015 | January 21st, 2019

Admitting your website has been “infected” by malware or injected code feels a little like telling people your kids have lice – everyone gets a bit itchy, uncomfortable and paranoid. And like lice, after you have “deloused” you try to move on, ignoring the momentary panic attacks when you think about it happening again.

But the fact is, if you are running a website, you are at risk for being hacked or attacked. And if you are running that website using an open-source platform such as WordPress, Drupal or Joomla, chances are good the attack will be successful.

I was reminded of this yesterday when, checking on my husband’s website, I noticed a suspicious link (an ad for Cialis) at the top of the page. My immediate reaction? To quote Jessica Huang from “Fresh Off the Boat” – Oh, hell no.

Beyond the obvious (no one wants unauthorized links kicking around their website), letting a problem like this fester can eventually lead to the site being blocked by Google in an effort to protect users from malware and other infections.

Two years ago, when his site was the victim of another attack, we took a “slash and burn” approach to fixing the problem. While we were able to clean up the issue and have his site released from quarantine, we were all left a little shaken and worse for wear (including the website, on which we lost some content and confidence).

With the first symptom appearing on his site, I took some time to evaluate the full extent of the problem. Using Google Webmaster Tools and the Auditing, Malware Scanner and Security Hardening plugin from Sucuri Security, I was able to determine that the site had not been quarantined, but that there was some suspicious behavior, including repeated attempts to log in to the admin in what appeared to be a brute-force password attack.

While researching the source of the Cialis link, I discovered that we were one of many sites that had fallen victim to the hack. I also realized that it could take me hours/days to remove the infection and restore the site – now I felt less like the site had lice, and more like it had cancer.

Using that analogy, I was able to convince my husband that we needed to bring in experts – enter the pros at Sucuri. 45 minutes after subscribing to their Website AntiVirus + Website Firewall service ($299/year), Sucuri had the site cleaned up and started monitoring the site for malware and hacks.

With the site scrubbed, I went back and completed a few housekeeping items (which may not have prevented the problem, but felt a little like closing the barn door after the horses had escaped):

* Upgraded WordPress and all plugins to the most recent versions
* Removed all unused plugins and themes
* Added dual-authentication to the admin page

I also activated the Sucuri Firewall which, according to the site, will block hackers, malware and blacklists by creating a perimeter defense around the site.


The benefit of open-source Content Management Systems like WordPress is that they require very little technical knowledge to create and maintain a website. The downside is that the more popular the platform, the more likely it will be attacked – and fixing the issues takes more than a little know-how.

So use the tools and make the proper adjustments to “harden” or protect the site, but consider either subscribing to a service like that from Sucuri Security or at least putting a little money aside just in case you need a quick cure.