Uh oh. Your WordPress site got infected with malware. How do you prevent it from happening again?
I have to admit, keeping up with security is hard. Like backups, strong passwords and other technology best practices, monitoring security is a total pain. Which is why I have started recommending sucuri’s firewall product to all of our clients.
Sucuri’s website firewall costs $9.99 a month for a non HTTPS website. The service is a layer between the web and your web server protecting your site from brute force attacks, DDOS and malicious scripts.
Sucuri also has an amazing free wordpress plugin that is extremely helpful with preventing, detecting and cleaning infected websites.
Core Integrity Check
One of my favorite features is the core integrity check. This feature scans your wordpress install for files that have been changed or that do not belong in your wordpress install.
Core integrity check found 10 files that are suspicious. The bottom 9 area all malware and should be removed.
The hardening tag is a quick and easy way to close security holes in your wordpress install. These steps are safe to perform and reversible. Just press the “harden” button for the items that sucuri highlights for you. Some of the items are shown below.
Other cool features include:
- Who logged in last, from where, and what did they do.
- A log of failed logins and the ip address used. This information can help you to prevent brute force attempts to guess your password by letting you blacklist an IP address and harden a user’s username/password.
- Handy tool to reset all of your users passwords at once (very important after a hack)
- The paid version of the firewall has a cache that will significantly speed up your website
Use the link below to get the plugin and subscribe to the firewall service. If you need help setting up sucuri, drop us a line!
Tagged with: security, wordpress, wordpress plugins