The experience:-
My friend Eric Stapelfeld is the owner of the website Cape Cod fishing. This website is all about fishing. He has also given me the credentials of the website. The website is made using the WordPress CMS (content management system). I just had to add images and some content on the website.
The website got hacked:-
Unfortunately, the website was hacked, and the hackers changed it into an eCommerce website. Last year, Eric Stapelfeld called me in San Francisco and said that someone had complained about the eCommerce services on his website. He believed that somebody was running an eCommerce service within his website, and he had been unaware of it.
Illegal activities on the website:-
The Cape Cod website is about information and posts about fishing. It also provides phone numbers to book trips. For an IT expert, it was very easy to hack this kind of website.
I told Eric that his website had been hacked and that it is very difficult to retrieve the website. After three months, Eric called me about the current state of the website. He said that he was receiving warnings from Google. Something had gone wrong.
When I typed hairballcharters.com on the internet, it gave me a warning that the site contains malware; hackers might attempt to install a malware program on my Mac that would delete all the data like messages, photos and credit card information.
So, what’s the Solution:-
I then decided to call the web hosting services company Deluxe Hosting, where the site is hosted. After the conversation with them, I realized that they were not in the mood to fix the issue. They said they had found the infected data and deleted it. When I told them that Google was still showing the same message, Deluxe Hosting stopped answering me.
Next step:-
When the web hosting company didn't co-operate with me, I called the person who developed the website. Jennifer Zelazny had great experience in web development. She finally agreed to solve my issue.
Inspection of the website:-
When she was inspecting the website, she told me that the website had been accessed by a plug-in or through WordPress. She found 20 doubtful WordPress core files and non-core files with names like ‘list.php’ and ‘apis.php’. She first deleted all the infected files, reset the passwords and updated the secret key in the wp-config.
Scanning:-
She then ran the scanners Exploit Scanner and Sucuri SiteCheck to check for other malware on the website.
Google webmaster tools:-
I then gave my Google webmaster tools credentials to her. She believed that Google would scan the website and give it a clean chit.
I had two email addresses but I was not sure which one was the owner’s email id. Both email ids were made in a short time. When I opened the Google webmaster account, I saw that the hacker had filed 47 sitemaps and submitted 565,192 web pages, of which 229,837 had been indexed.
I saw that the hacker was trying to use the malware to insert links on the website and was using the website map to create some kind of redirects.
Sitemaps:-
The hacker had created 47 separate sitemaps using redirects from the website, all averaging 70,000 lines of code.
eCommerce website:-
The hacker had changed the fishing website into a Japanese eCommerce website.
Google tools:-
Google tools helped to keep the hacker from further access to the website. It shows the tag associated with each account. I showed the details to Jenny and she deleted all the illegal sitemaps. Jennifer couldn't believe that the website hacker had attacked the Google webmaster account. She shared her experience by saying that she had never seen such a thing in her whole career.
Security patches for WordPress:-
She then applied the WordPress security patches and updated the plug-ins. She did the work in such a way that the updates take place automatically.
Security of the patches:-
Jennifer told me that sometimes a computer programmer or developer becomes unaware of the security of patches. Once your website becomes public, attackers scan the WordPress site.
How to secure a WordPress site:-
According to Jennifer, you can secure your website by following five steps:
· Step # 1:-
The first and most important step is to stay updated with WordPress updates. You just need to add the code define( 'WP_AUTO_UPDATE_CORE', 'minor' ); to the file named “wp-config.php”. By following the above method, your website will always remain up to date.
· Step # 2:-
You need to keep your WordPress plug-ins up to date. Always use the Jetpack plugin, which helps to select the plug-ins according to your demands.
· Step # 3:-
If you want to make your website extra secure, you need to consider the plug-in “Sucuri Security: Auditing, Malware Scanner and Security Hardening”, which allows you to do exactly what the name suggests. You can enable auditing to send reports if any files are changed.
· Step # 4:-
It is recommended to install two-factor authentication to secure the website.
· Step # 5:-
Use the Google webmaster tools and check from time to time to make sure that your website has no sitemap or other errors.
Final words:-
Well, my friend Eric is pleased to see that big red screen on the website. If you ever visit Cape Cod, Eric would love to share the details about fishing.