I had my very first website hack experience recently, if you had visited this blog during that period, you would have seen with this scary warning courtesy of Google;
According to Google, they found a malicious code on certain pages of the website and had to show this warning to everyone visiting as a way of warning them of the dangers. At first, I was very angry and confused but I knew I had to face reality and act very fast to cut the negative consequences of the website hack.
How the hackers got in?
I am not exactly sure how the website was hacked but I believe a bad code or configuration gave them a leeway. They knew the site gets some good traffic via the search engines, so they found a way to insert some malicious codes, hoping visitors will visit and get infected.
If your site has been infected, it is generally because some vulnerability has allowed a hacker to take control of your site. The hacker may change the content of the site (for example, to add spam), or add additional pages to the site, usually with the intent of phishing (tricking users into parting with personal and credit card information). Alternatively, they may inject malicious code (malware)—for example, scripts or iFrames that pull content from another website that tries to attack any computer that views the page.
How I resolved the website hack challenge
It took close to 48 hours to full get the website cleaned up and re-certified. A number of factors made it happen that fast and I will attempt to talk about them.
1. Google Webmasters Tool
As soon as CFagbata.com got blacklisted across the Internet, I got an email from Google webmasters tool informing and urging me to take quick action to resolve the issue. I logged into my webmasters tool account to find the exact pages that were affected.
It is very important for every website owner to make certain that they connect their websites to Google webmaster tools (or Bing if you prefer).
How easy would it have been to clean up a website with over 10GB data without the help of this remarkable tool?
2. Remove unnecessary plugins and inactive themes
WordPress is the world’s most popular content management system which makes it prone to attacks.
Most wordpress users are tempted to install a lot of “necessary” plugins that was of no use. If you are using wordpress, then my advice to you is remove all unnecessary plugins and inactive theme. During the process of fixing the website, I had to prune down my plugins and will still do some more clean up in the days ahead.
3. Use a Good WordPress Security Plugin
There are many security plugins out there, however, I will only recommend the ones I have tried.
- Wordfence Security Plugin
- Better WP Security Plugin
These plugins are pretty effective but I can tell from experience that it usually goes beyond a security plugin becomes sometimes it is just too difficult to know exactly what security loophole a particular hacker would have exploited.
Remember to always keep your website up to date.
I am happy this is all over now:)
It is not an experience I wish for anyone, so I wrote about it to keep you informed incase it happens to you. Be prepared!!!