WordPress site hacked? Did they get in through a WordPress easy password? Maybe through the control panel? Maybe a nasty database hack?
It’s not fun, potentially money costing and just plain annoying.
Use Managed WordPress Hosting to avoid getting your WordPress site hacked.
But then they also didn’t:
- Let me know where the virus was (which file, folder or anything)
- Tell me how to remove the virus
- Answer my questions in the ticketing system (for hours)
All the while my site is down with a big “Account Suspended” banner on it.
Ticket: PIT-41890769 – TOS/Malware
Our Abuse department has received a report regarding malware being hosted on an account under your control. We have disabled site access for your account to prevent further complaints, and have provided a list of the reported content.
In order to remove the restrictions weĆ¢??ve placed, you must resolve the security issue and remove what malicious content was listed. Please note that repeated reports of malicious content on your account within 60 days of an initial notice will lead to further action being taken, including permanent suspension after failing to professionally clean the account.
Once you have taken steps to secure your account of the reported content, please reply back to this ticket to request review.
How to (help) prevent getting your WordPress site from getting hacked.
- Use really, really strong passwords.
- Don’t even pretend to know or remember those passwords, use a password manage like LastPass.
- Use Managed WordPress Hosting so your site is updated on a regular basis, you have a month of backups in case it is hacked and you can (with a single click) restore it to a date when it wasn’t hacked and uses tools like SiteLock to help prevent viruses in the first place.
- Update your plugins, themes and WordPress core on a regular basis or use Jetpack’s update service (free).
- Removed plugins and themes that are potentially easy hacks.
Those steps are a whole lot easier than getting hacked and figuring out how to clean it up and paying for it.
Still waiting to hear back from the host about the clean up job but have heard nothing. Meanwhile, the site is is still down. Having fun yet?
Oh no! This was written for me! Must be worse than I thought. :/
Hi Kristen,
It’s just that the hackers are so good that I don’t even know how (or care to learn) how to fix it. It’s still a whole lot like a house: the burglars are going to get in no matter what, but at least we can make it harder to get in than the neighbor’s (sorry, neighbor). But yep, they got in and now we have to hire Sucuri. I’d still like to learn/know how they got in in the first place! Ugh.
LastPass (and other secure, reliably pwd managers like it) really is a game changer; I can not stress enough not only how much more secure, but easy to access (for YOU) your accounts become when using a tool like LastPass.
Thanks for the note, Ali. It’s true: I don’t know what I’d do without LastPass. I’m almost to the point where I want to force people to use LastPass.
I’ve upgraded to Premium LastPass so I can share folders. Super handy with colleagues and sharing (impossibly long and involved) passwords.
[…] Our Abuse department has received a report regarding malware being hosted on your account. (Feb 7) […]