How to avoid hackers cracking your WordPress site

WordPress is a great blogging platform and CMS. We love it and have built our business around it. But even the best system can be prone to flaws and attack at times. WordPress is open source which means that everyone, including hackers with a malicious intent, can scour the source code looking for holes in its security.

At LightSpeed we’ve recently had some of our development clients come to us with issues resulting from having been hacked. Together with the recent TimThumb security flaws, these attacks once again underscore the crucial importance of updating WordPress themes, plugins and the core WordPress CMS to secure your site.

Hacking Case Study 1: Next Generation

Next Generation Consultants is a boutique Management and Business Consulting Firm. We developed their new website early in 2010 using a Canvas child theme and best practice. They chose Hetzner as their hosting company.

Next Generation used the old TimThumb plugin, which allowed exploitation within the site. The hack of their site allowed access to the .htaccess file, which was somehow edited, allowing the hackers to dump files onto the server and then start sending spam emails. Hetzner detected this and their “solution” was to shut down the site.

Upon investigation, we found that their WordPress installation was out of date, having never been updated after deployment in 2010. The direct cause of the hack was identified as the out-of-date theme that utilized the TimThumb theme component. To address the issue we needed to upgrade the theme, clean the files within WordPress and check the site with the Exploit Scanner plugin.

Hacking Case Study 2: African Blue Tours and Camps Bay Accommodation

We were contacted by the owner of African Blue Tours and Camps Bay Accommodation to help out when these sites were hacked. These sites were not originally developed or hosted by LightSpeed and Feedmymedia. The hack messed up the website, causing the page to make connections to Russian websites when loaded. Loading the website in our browsers showed that there was malicious software.

Upon investigation we found that both the WordPress installation and all the plugins (including TimThumb) were out of date. Some plugins were so old and out of date that after upgrading they no longer even worked with WordPress. Plugins are not a good solution unless they come from a reliable vendor such as Gravity Forms or Yoast (we’ve put together a list of our tried, tested and recommended plugins here).

In short there was no maintenance on the WordPress installation, plugins or themes in general.

Our solution to all the hacked sites:

We got cracking on solving the problem. In the case of all three websites we did the following:

  • Replaced all files with new files. It is important to mention that we removed all files (including all hidden files) and then re-added clean files. In many cases developers trying to fix the problem make the mistake of merely overwriting the current files with clean copies, which leaves in place the additional files the hackers added. This was the case for Camps Bay and African Blue, and it will not solve the situation.
  • Ensured that all software was running the latest versions – WordPress, plugins, parent themes, TimThumb and anything else
  • Ensured child themes use best practices. The best way to do this is to run a theme check
  • We ran the Exploit Scanner plugin to look for further issues
  • We recommended to the clients that they move over to our premium purpose built WordPress hosting at Feedmymedia so they don’t need to worry about being hacked again in future

WPBeginner published this infographic as a guide on upgrading WordPress.
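The first step above, wiping the whole tree (hidden files included) before restoring clean files, is the one most often done wrongly. The following script is an added illustration, not LightSpeed's own tooling: it builds a constructed "clean release" tree and a constructed "hacked" document root, applies both approaches, and lists any files that survive the cleanup but do not exist in the clean release. All paths, file names and contents are made up for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original post): "overwrite in place" versus
# "remove everything, then restore". Every path and file below is constructed.
set -eu

# Build a constructed clean release and a constructed hacked docroot, print the
# temp directory holding both.
setup_demo() {
    demo=$(mktemp -d)
    mkdir -p "$demo/clean/wp-admin" "$demo/hacked/wp-admin" "$demo/hacked/.cache"
    printf '<?php // clean index\n'  > "$demo/clean/index.php"
    printf 'RewriteEngine On\n'      > "$demo/clean/.htaccess"
    printf '<?php // clean admin\n'  > "$demo/clean/wp-admin/index.php"
    # Hacked copy: two legitimate files tampered with, plus two planted files
    # that have no counterpart in the clean release (one inside a hidden dir).
    printf '<?php // tampered index\n'                        > "$demo/hacked/index.php"
    printf 'RewriteEngine On\n# line added by the intruder\n' > "$demo/hacked/.htaccess"
    printf '<?php // clean admin\n'                           > "$demo/hacked/wp-admin/index.php"
    printf '<?php // planted, hidden directory\n'             > "$demo/hacked/.cache/x.php"
    printf '<?php // planted\n'                               > "$demo/hacked/wp-admin/help.php"
    echo "$demo"
}

# Approach A, the mistake described in the post: copy clean files over the
# existing tree. Files the intruder added are never touched.
overwrite_in_place() {
    src=$1; dst=$2
    cp -R "$src/." "$dst/"
}

# Approach B: delete the entire tree, dotfiles included, then restore clean files.
wipe_and_restore() {
    src=$1; dst=$2
    rm -rf "$dst"
    mkdir -p "$dst"
    cp -R "$src/." "$dst/"
}

# Print files present in the docroot but absent from the clean release.
# Anything listed survived the cleanup and needs a manual look.
extra_files() {
    src=$1; dst=$2
    present=$(mktemp); expected=$(mktemp)
    ( cd "$dst" && find . -type f | LC_ALL=C sort ) > "$present"
    ( cd "$src" && find . -type f | LC_ALL=C sort ) > "$expected"
    comm -23 "$present" "$expected"
    rm -f "$present" "$expected"
}

# Apply one approach to a fresh demo tree and return the number of leftovers.
leftovers_after() {
    approach=$1
    demo=$(setup_demo)
    "$approach" "$demo/clean" "$demo/hacked"
    n=$(extra_files "$demo/clean" "$demo/hacked" | wc -l | tr -d ' ')
    rm -rf "$demo"
    echo "$n"
}

echo "leftover files after overwrite-in-place: $(leftovers_after overwrite_in_place)"
echo "leftover files after wipe-and-restore:   $(leftovers_after wipe_and_restore)"
```

On a real site the "clean release" is a freshly downloaded copy of the same WordPress, theme and plugin versions, and `extra_files` is worth running a second time after the restore as a final check; wp-config.php and the uploads directory have no counterpart in a release and must be reviewed by hand rather than blindly copied back.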

Why staying up to date is important

As these case studies clearly illustrate, failure to update and maintain your WordPress installation, including all themes and plugins, can leave your website vulnerable to attack. Since WordPress is open source, if a vulnerability is discovered in WordPress and a new version is released to address the issue, the information required to exploit the vulnerability is almost certainly in the public domain. This makes old versions more open to attack, and is one of the primary reasons you should always keep WordPress up to date.
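Checking that an installation is current is a mechanical job, and the version information is already on disk: WordPress records its own version in wp-includes/version.php and every plugin declares a Version: header in its main file. The script below is an added example, not code from the original post; it reads those values from a constructed site tree and compares them with a constructed table of "latest known" releases (on a real site that table would come from wordpress.org or the vendor). The plugin slugs and version numbers are invented for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original post): report WordPress core and plugins
# that lag behind a known-latest table. Site contents and the table are constructed.
set -eu

# Constructed "latest known" table: slug|version, one entry per line.
LATEST="wordpress|3.2.1
timthumb-demo|2.0
forms-demo|1.5"

latest_of() { printf '%s\n' "$LATEST" | awk -F'|' -v k="$1" '$1 == k { print $2 }'; }

# Exit 0 when dotted version $1 is lower than $2 (so 1.9 < 1.10, unlike a string compare).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0
            q = (i <= nb) ? y[i] + 0 : 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 1
    }'
}

# Core version, from the $wp_version assignment in wp-includes/version.php.
installed_wp_version() {
    grep 'wp_version = ' "$1/wp-includes/version.php" | cut -d"'" -f2
}

# Plugin version, from the "Version:" line of the plugin header comment.
plugin_version() {
    sed -n 's/^[[:space:]]*Version:[[:space:]]*//p' "$1" | head -n 1
}

# Print "component installed -> latest" for everything that is behind.
outdated_components() {
    site=$1
    wp=$(installed_wp_version "$site")
    if version_lt "$wp" "$(latest_of wordpress)"; then
        echo "wordpress $wp -> $(latest_of wordpress)"
    fi
    for dir in "$site"/wp-content/plugins/*/; do
        slug=$(basename "$dir")
        main="$dir$slug.php"
        [ -f "$main" ] || continue
        have=$(plugin_version "$main")
        want=$(latest_of "$slug")
        [ -n "$want" ] || continue       # unknown plugin: nothing to compare against
        if version_lt "$have" "$want"; then
            echo "$slug $have -> $want"
        fi
    done
}

# Build a constructed site: old core, one old plugin, one current plugin.
setup_site() {
    site=$1
    mkdir -p "$site/wp-includes" \
             "$site/wp-content/plugins/timthumb-demo" \
             "$site/wp-content/plugins/forms-demo"
    cat > "$site/wp-includes/version.php" <<'EOF'
<?php
$wp_version = '3.0.1';
EOF
    cat > "$site/wp-content/plugins/timthumb-demo/timthumb-demo.php" <<'EOF'
<?php
/*
Plugin Name: TimThumb Demo (constructed)
Version: 1.10
*/
EOF
    cat > "$site/wp-content/plugins/forms-demo/forms-demo.php" <<'EOF'
<?php
/*
Plugin Name: Forms Demo (constructed)
Version: 1.5
*/
EOF
}

site=$(mktemp -d)
setup_site "$site"
echo "Components with a newer known release:"
outdated_components "$site"
rm -rf "$site"
```

The numeric comparison matters: a plain string sort would rank 1.9 above 1.10 and hide an outdated plugin. A plugin whose slug is not in the table is skipped rather than reported as current, so a list of unknown plugins is itself worth printing in a real run.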

The WordPress community and developers of quality premium themes and plugins are continuously working on improving the software, striving to make sure that with every new release, security and functionality is improved.

Reasons to upgrade

  • Improved website security and spam filters
  • Theme Optimization / Loading Time Reduction
  • CMS backend updates and improvements to the CMS system
  • New features and theme options (more applicable to advanced users)

Feedmymedia WordPress Hosting


At LightSpeed we’ve developed a solution to tackle the security issues Next Generation, Camps Bay Accommodation and African Blue Tours have experienced.

Feedmymedia is our dedicated WordPress Hosting solution. With Feedmymedia you have the convenience of the best, most up to date software without the hassle, as we continuously update Feedmymedia with the latest versions of all themes, plugins and WordPress CMS. We test and approve all updates, ensuring stability before implementing updates system wide. We make use of a Web Application Firewall to protect against SQL Injections, Cross Site Scripting, Cross Site Request Forgery, and Local and Remote file inclusions. We also run active malware detection software on the servers on a continuous basis scanning every file for malicious code.

The Feedmymedia Hosting system is used for all LightSpeed clients unless they specify otherwise. Trusted and endorsed by Media24 and the Mail & Guardian, it offers a rock solid, dependable hosting solution that won’t leave you hanging.

Click Here to get started with professional, dedicated WordPress hosting that offers peace of mind and excellent support.