Fencing of attacks
It’s never fun trying to unravel a total mess. When sites get hacked it takes a lot of time and a hell of a lot of patience to get a website back up and running again and Google friendly.
Yet again the Eval base64 has attacked some of our WordPress based websites redirecting them to their own hacker website or html pages. The malicious executable code is inserted into the first line of the index.php which is the first most noticeable instance. Other instances of malicious code have been found in the different folders, as well as new folders having been introduced. The image folders too were compromised with additional images added. Every file, folder has to scanned to seek out additions and changes and repaired.
To this end, there is a security plugin that can be used on WordPress websites and works well too on version WP 3.4, and that is ‘Wordfence’. With the Wordfence plugin you can scan your website periodically for viruses, trojans, malaware, fake googlebots and it emails you an alert. So far I have used the free version which appears to do quite a good job scanning and finding issues. The warning also provides you with some basic information or have Wordfence fix the problem by restoring it from a repository. On the Pro version you can schedule the scanning to be automatic.
Certainly a good basic plugin to help protect your website from hackers. A good rule of thumb for any webmaster to help keep a web site clean is to keep it updated, delete unused and unwanted plugins, check all permissions on a website and don’t allow access where it’s not needed and most important of all, do backups and keep backups.
Wordfence Live traffic reporting
One of the features I really like in this plugin is the Live traffic reporting, seeing where the traffic is coming from – humans or crawlers and logins. The pro version has a few additional features as well the possibility to block malicious traffic in the even of a targeted attacked. (I could have done with this feature a few months ago when a certain website was under constant bombardment by hackers).
So far so good scanning with Wordfence, however, from past experience of these issues I know one must be forever vigilant: you block one door, they sneak in through another, and no plugin in 100% virus or hacker proof.