Solved

Why did malware hit my website?

Posted on 2015-02-16
3
98 Views
Last Modified: 2015-02-20
Last year I paid someone to re-create a website for me. The person used Word-Press to make the site and siteground to host the domain (not real sure on that terminology).

Recently there was malware that was somehow put onto the site. Google doesn't allow people to go to the site because it considers it a dangerous site.

Does a site made through WordPress more prone to malware such as this? The guy who made the site is now asking for a couple hundred bucks to take the malware off.

I am wondering if I should not use word press anymore due to security issues. Would another option be more secure? Is wordpress more susceptible to this?

Is there anything else I can do to protect this from happening in the future?

Thanks! Any advice would be great.
0
Comment
Question by:cansevin
3 Comments
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 167 total points
ID: 40613399
WordPress Itself is secure as long as you keep it up to date.  What can be insecure are themes and plugins installed by yourself or your designer when their isn't a full understanding of what you are installing and from where.

It is also possible that WordPress is not to blame, and a different security flaw was exploited on the server and an attack script deployed that targets WordPress sites specifically because of its popularity.

While everyone will have an opinion on what is or isn't more secure, the fact is that security is only as good as the operator.  If you move to Joomla or Drupal and still don't know what you're doing, you are just as likely to be hacked.  Whereas a competent operator is less likely to be hacked because they take certain steps to make themselves less easy of a target.

I've written a more in-depth article here:

http://www.experts-exchange.com/Web_Development/Blogs/WordPress/A_10806-Recovering-From-and-Preventing-WordPress-Site-Hacks.html
0
 
LVL 16

Assisted Solution

by:Lucas Bishop
Lucas Bishop earned 167 total points
ID: 40613505
Most likely culprit would be outdated Wordpress version or an outdated plugin installed inside of Wordpress. Lax folder/file permissions on the site could also be a potential weakness. You'll need to log into the WP admin panel on a regular basis (weekly) to see if there are new updates available that need to be installed.

Take a look at Jason's article as it provides in depth information on resolving the issue. I second the recommendation for installing Wordfence.

In order to get your site removed from the "spam-dex" in google, you'll need to fix the issue and then submit a request to review the fixed site. You can do this via a webmaster tools account. Under the "Security Issues" section, you'll be able to review the specific reasons why you are seeing an alert via Google and you'll be able to Request a Review to get your site accessible via Google again.
0
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 166 total points
ID: 40614365
Wordpress is a great tool, but like every other thing that should be considered when trying to secure your data, it is not a "set it and forget" solution.  It's built out of many different parts, and each additional functionality you add opens up yet more parts and connections.

You must have someone retained that will monitor trends in the wild and keep your software updated. Wordpress regularly has updates that address security concerns.

You should consider having your site tested for vulnerabilities so you can know what your programmer may have left open, and you can then address those issues.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
An enjoyable and seamless user experience can go a long way on an eCommerce site. While a cohesive layout and engaging copy play roles in creating a positive user experience, some sites neglect aspects that seem marginal but in actuality prove very …
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now