I recently figured out that one of my clients websites had been hacked. Before we go any further let me assure you that the hack happened before I took over the maintenance of their site. It was an old site that had not been updated or maintained properly for a while for starters, which is why I had been hired. We kept having strange issues with this site like the whole thing disappearing when we tried to update it or change the old theme. I wrongly blamed the theme creators when this first happened. I learned many lessons while I figured out what was actually wrong with the site that I will try and explain below.
I had never had a site hacked like this before so I did not recognize the signs. So, I want to share my experience with you so that it may be helpful if you find yourself in the same situation.
The site was not appearing in internet explorer once we added a new template. I tired every html5 shiv and code fix I could think of. After all Internet Explorer is known for having issues and the newer the site the more issues it seems to have. When those didn’t work I called the hosting company.(I will not name names to keep this positive) The hosting company told me that everything was operating fine and that it was only an issue with Internet Explorer so the site is fine. Then I asked about the site being hacked and the customer service representative literally said that I shouldn’t worry about it and that people shouldn’t use that browser anymore anyway. I agree, but my client has an older audience that uses IE quite often so it was important that the site function. I ended the chat when she tried to start selling me extra site security and several other things when she couldn’t show me that my site is hacked and the attitude was really a, “fine, whatever” type of tone. Needless to say I will not be recommending this hosting provider to anymore of my clients. But, that is another blog post.
Then I scanned the site with three separate security plugins that dealt directly with hacking and malware. All of them came up clean. I started to feel like I was butting my head against a wall getting nowhere and getting more and more frustrated. Even my client was starting to get frustrated. I kept trying to reassure them that all would be well and that I was not going to give up. So, I kept researching my options. I kept going to WordPress Forums and the blogs I follow trying to find answers. I started to think that this was a dirty little secret that nobody was talking about or that people didn’t want you to know really existed because I really couldn’t find much to help me. That is when I went to Pinterest.
Pinterest has a lot of good information on Web Design, WordPress, etc so I thought I should at least give it a whirl. I came upon this article “How To Clean a Hacked WordPress Site”. This article was my life saver! The first thing I did that I hadn’t done already was to do a site:www.theurl.com search on google. When I did this my 25 page site got 150 pages of hits. Not good, this site had all kinds of extra pages that neither me or my client had put there.
My next step was to get the Wordfence Plugin and install it. It took only a few minutes to setup. I followed the prompts as it led you through the process. I completed a scan. All kinds of red warnings popped up. I started working the warnings one by one. I quickly realized that I was in above my expertise level.
My next step was to approach my client and explain that we need the site to be cleaned professionally and luckily my new favorite plugin offered just that for $179 and it included a years worth of premium service with it that costs $99. Once we paid the money and securely entered in the login credentials for the site, ftp, & hosting, we had an email from a live person within an hour or so explaining the process. Then an hour or so after that I had the email from the person who would be cleaning the site. Her name is Kathy and Kathy is amazing!
I had to stay off of the site while Kathy was cleaning it. She said it would take about 3-4 hours for an average site cleaning. Our site took about 6. I received the report form Kathy and it explained everything about the files and pieces of code that were put there by hackers. The site had been hacked for almost two years. Kathy was very responsive. When I was getting impatient when it took longer she responded to my questions via email within 20 minutes. When I had moments of panic because 24 hours later there were login attempts that weren’t me, Kathy reassured me all was well. Wordfence has outstanding customer service! Kathy explained more about the signs to look for if we were hacked again, where to find helpful articles on keeping my site clean, and basically calmed my frayed nerves that all was well. I really appreciated her patience and kindness when she was dealing with me. Customer service is huge to me. Wordfence customer service is wonderful. It is worth every cent we paid to get our site cleaned.
I have now added Wordfence to every site I work on. It is a fantastic plugin and I highly recommend it!!