Want to make your WordPress website hack free?

Examples of spam in Google results

How can you tell if your website has been hacked?

• In Google you will see a message with your listings saying “This website may be harmful to your computer.”
• You notice advertising/spam on your entries in Google.
• You will receive notifications and/or emails from people or servers who have received (spam) email from your domain name.
• The website is not easily accessible. This could also be due to something else, for example too little memory or disk space, an automatic update that did not go well...
• There are links or texts on the website that do not belong there.
• There are blog posts on the website that do not belong there.
• You notice other things that are not correct.

Why is your WordPress website being hacked?

• Obtaining user data such as usernames or passwords.
• Obtaining credit card information from customers.
• Sending spam/advertising emails
• Spreading malware to website visitors
• Phishing, obtaining data by sending reliable-looking emails asking for personal data or to log in somewhere.
• Redirect visitors to other websites.
• Use the website to attack other websites and make them unreachable.
• The storage of the hosting package is used to store (often illegal) files.
• Displaying content such as products, texts and links.

What could be the cause?

• Hacks are often caused by a security hole, also called an exploit. This may be due to poor security, overdue maintenance of templates, plugins and WordPress itself, or it may be a leak that is not yet known.
• Malware on your own computer.
• Someone has intercepted or otherwise obtained your password. This could be via a hacked email account, but also passwords that were not stored properly, were easy to guess or were left on a piece of paper on the desk...

How can I fix it?

• Depending on your hosting party and agreements, you may or may not be responsible for cleaning up the hacked website. For example with a Managed WordPress Hosting package at Milcraft from €20 per month We will solve this for you at no additional cost.
  Always inform your hosting party or website administrator of a hack.
• In the best case, there is a backup of the website that can be restored to the situation before the hack. For example, we make daily backups with a retention of 30 days for each customer.
• Change all passwords, from WordPress, mail accounts, database, FTP. Of course, do this AFTER restoring the backup.
• If possible, update all plugins, templates and WordPress itself.
• Make sure that all plugins and templates come from a reputable source. So from WordPress.org or Themeforest, for example.
  There have been cases where paid plugins or templates were available for free download on unreliable websites. Here was one backdoor cuts processed so that hackers could gain access to the website and the admin panel.
• Check all used plugins, active and inactive, for known security vulnerabilities WordPress Vulnerability Database. Sometimes there is no security update for a plugin because the owner of this plugin has stopped maintaining it. A WordPress installation may seem up-to-date, but nothing could be further from the truth.
• View all users in WordPress and the hosting package. A hacker often creates his own administrator account.
• Block IPs of the hackers and/or pass them on to the hosting party.
• No good backup available? No worries. Your website can also be cleaned up without a backup. We can help you with this.

How do I get the message “This website may be harmful to your computer.” away from Google?

• A review can be requested via Google Search Console. Google will look at the website after it has been cleaned, and if this is found to be the case, Google will remove the message.
• Search Console can also prompt you to reindex the website and remove spam URL impressions. This may take a while. Existing URLs will be displayed normally again as soon as possible. URLs created by the hacker unfortunately take longer.

How can I prevent a WordPress hack?

• Regularly update the plugins, templates and WordPress. When updating, there is a difference between updates with additional features and security updates. The latter are important for keeping a website safe.
• Use strong passwords with uppercase letters, lowercase letters, numbers and special characters ( @ # $ %). The more characters, the better the security. To save passwords, use a handy program like KeePass.
• Use a security plugin to limit the number of incorrect login attempts, among other things. Wordfence is highly recommended. Milcraft has a Wordfence license available.
• Generate salts and add them to the wp-config file. Generating salts is possible here.
• Keep the server software up to date and use a firewall.
• Website security may be good, but if the computers used to send emails or maintain the website are not secure, then this is a major risk. Therefore, always make sure you have a good, paid anti-virus program. Free usually does not exist on the Internet and there have been cases where providers of free anti-virus software sold user behavior data to third parties. We advise Kaspersky. Another important measure is to regularly update Windows. These updates can be set to automatic if this is not already the case.
• The above points are a minimum security requirement and will significantly reduce the chance. However, it is not possible to give 100% certainty that you will never be hacked. Even large companies such as Adobe, Ebay, Citigroup, Apple, AOL, Sony, Dropbox, Linkedin, etc. were hacked in the past. Look at here a nice overview of the biggest hacks in history.
  Therefore, always make sure you have a good backup of the website to minimize lost time and costs in the event of a hack!

No good backup of your website available or would you like help cleaning up your hacked website?

No problem. We make a website hack free with a 30 day guarantee!
When purchasing a Managed WordPress Hosting package from €20 per month or Managed WooCommerce Hosting from €30 per month excl. VAT you will receive a one-time discount on making your website hack-free of €49,- excl. VAT. This package is the ideal total solution to outsource the entire technical part of your website!
Knowing more? Email us or call 0172-897789