Removing Malware and Keeping Your Websites, WordPress And Entire Server Safe!
Do you think having a WordPress security plugin installed or having your hosting company take care of the server is enough to keep you safe from malware and hacking?
That’s what I thought too! And I learned it the hard way a few days ago lol …
Earlier this year I created a post called 8 WP Plugins To Optimize and Secure WordPress From Hackers. However, what I’ve noticed is installing just those plugins won’t keep you 100% safe — actually nothing gives you a 100% guarantee, but what I’m about to share with you here I believe will keep you safe 99% of the time!
What’s even more interesting is that you’ll discover the EXACT infrastructure and systems we’ve set up not only to keep us safe but also to alert us IMMEDIATELY when something goes wrong! And when I say alert, I mean getting notified about everything that happens to every single file that looks weird and uncommon.
If you’re an internet marketer you know how vulnerable WordPress is to attacks, malware and hacking, right? But your full emphasis should not be only on WordPress. Your site and server are exposed to TONS of different attacks, I’m talking about stuff like…
- Malicious Hacking attack
- Obfuscated JavaScript Injections
- Hidden & Malicious iFrames
- Embedded Trojans
- Phishing Attempts
- Cross Site Scripting (XSS)
- Malicious Redirects
- Backdoors (e.g., C99, R57, Webshells)
- Stupid, Pointless, Annoying Messages (SPAM)
- SQL Injection
- IP Cloaking
- Social Engineering Attempts
- Including server issues
Huge and scary list, right? I know.
The “Untold” Diagram For How We Keep Everything Safe!
So what did we do about it? What are the steps for protecting our server, sites, WordPress directories, themes, and plugins to ensure all work well and are up-to-date? Here’s a quick diagram I created for you to understand how strong and powerful our protection is right now…
As you can see right there, we have 2 different levels of protection now. Before, we used to rely on just the security plugins and our hosting company… and we thought it was OK!
Now, let’s go through them one by one and see what each one does and how it protects us.
Level #1 – Files & Scripts Shield Zone
1A – Security Plugins
After months of trying security plugins we figured out that a few of the more decent protection plugins are…
- BulletProof Security Plugin – WordPress security protection against hacking attempts.
- WordPress File Monitor Plus – When a file change occurs, notifies you via email.
- Automatic WordPress Backup – Automatically backup important parts of your WP to S3.
But as I already said, don’t rely on security plugins that much. We used to think that way until we were infected by a Pharma Hack. If you don’t know what that is: a Pharma Hack (short for Pharmaceutical Hack) was stealing our traffic from Google by altering our content in a way that was ONLY visible to Googlebot. Imagine visiting your website and seeing that all is good, while Google is dropping you from its search results because your website shows pharmaceutical stuff about medicines, etc. Scary, I know, but thank God we solved it after setting up the Malware Monitoring & Clean Up Service (I’ll explain more about it in a minute, so stick with me here).
1B – Server Monitoring
Checking how fast your pages load, or whether you can reach your server from your own computer’s location, is not the right kind of monitoring. We found a great service called Pingdom that makes monitoring the server’s uptime and performance easy for us.
One of the features I love there is that it provides reports from multiple check locations. What that means is… it checks if your site/server is accessible in New York as well as Japan or Europe, etc., and if the server is down from one or more (or even all) locations, we get notified by SMS. Amazing, right?
1C – Malware Monitoring & Clean Up
Our sys admin recently installed ClamAV in our cPanels, a decent anti-virus program, and every month we’re now doing manual virus scans of each of our accounts/domains to see if all is good. When we first installed this, we found a few infections and it cleaned them, but that was not enough. You may be asking why, yes? Do I have psychic powers? Well, maybe lol…
Having virus scans with ClamAV wasn’t enough simply because when we set up an account with Sucuri it discovered something REALLY SCARY… guess what…
THE BIGGEST MESS OF ALL TIME!
I must say that before we ended up trying them out we did try the free scan that Sucuri provides on their homepage and it showed us clean… but I wanted to try that service out and set up my sites because they monitor your sites every 4 hours and notify you immediately in case something is wrong… but when it does find malware, Sucuri even cleans the malware for you — and they do it manually and fast! How do I know?
Check out what we found when we set up the Server Side Checking feature they have for paid customers…
It found malware there… but notice that it also tells you if you have an old version of WP and if your plugin files need updates, etc. Very useful!
Anyway, after I submitted my site, their technicians proceeded with the manual malware cleanup, and then I got this response from them in 3 hours…
Hi John, your site is now clean and malware-free. The following files were compromised and fixed:
- CLEARED: Malware found on file: ../.htaccess
- OK: Hardening ./offers/wp-admin/setup-config.php on WordPress
- CLEARED: Malware found on file: ./offers/wp-content/plugins/wplockup1/wplockup.php
- CLEARED: Malware found on file: ./offers/wp-content/themes/OptimizePress/template_002.php
- OK: Removing PHP file (backdoor) from the images directory: ./offers/wp-content/themes/OptimizePress/images/shortcode.php (hardening)
- CLEARED: Malware found on file: ./offers/wp-content/themes/OptimizePress/launch_003b.php
- CLEARED: Malware found on file: ./offers/wp-content/themes/OptimizePress/widelaunch_001b.php
- CLEARED: Malware found on file: ./offers/wp-content/themes/OptimizePress/launch_003.php
This ticket is now in resolved status. If there is no further activity in the next 24 hours, this ticket will be automatically closed. Feel free to open a new ticket if you require further assistance. Thanks for using Sucuri!
What happened 3 hours later is this…
I had to take this beautiful screenshot so you can see with your own eyes the results after the malware cleanup they did for us;)
The conclusion is that Sucuri is now one of our MAIN SECURITY ASSETS! It’s an amazing web monitoring and malware clean up service and one of the most cost effective security services that can help your site security today!
I recommend you sign up with Sucuri and don’t just rely on the free virus scan there! My sites were clean when I first tested it with the free virus scan. What you need is to sign up for a plan and set up the Server Side Checking feature! That’s what found the real mess for us. In fact, you want automatic daily malware check ups, don’t you?
If you wait until a problem arrives you might end up getting blacklisted from Google, lose SEO rankings and spend TONS of time and money figuring out what should be done — not to mention the sales you’ll lose (yup, that’s what happened to me!).
And if you think your local antivirus will help scan your files… well, good luck with that. There are scripts and lines of code that antivirus software like AVG and Kaspersky won’t find, and they won’t find malware like Sucuri does!
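Two of the server-side checks this level relies on, file-change detection (what a file monitor plugin notifies you about) and the "PHP file in the images directory" finding from the cleanup report above, can be sketched as follows. This is an added example, not Sucuri's or any plugin's code; the directory names in `MEDIA_DIRS`, the demo theme and the file contents are constructed.

```python
import hashlib
import os
import tempfile

MEDIA_DIRS = {"images", "uploads"}  # directories that should hold no PHP


def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    digests = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                digests[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def php_in_media_dirs(paths):
    """Return PHP files located anywhere below an images/ or uploads/ directory."""
    return sorted(p for p in paths
                  if p.lower().endswith(".php") and MEDIA_DIRS & set(p.split(os.sep)[:-1]))


def changed_since(baseline, current):
    """Compare two snapshots: files added, removed, or modified."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }


def demo():
    """Build a constructed theme tree, take a baseline, then simulate tampering."""
    with tempfile.TemporaryDirectory() as root:
        theme = os.path.join(root, "wp-content", "themes", "demo-theme")
        os.makedirs(os.path.join(theme, "images"))
        for rel, body in (("index.php", "<?php // theme"), ("images/logo.png", "PNG")):
            with open(os.path.join(theme, rel), "w") as fh:
                fh.write(body)
        baseline = snapshot(root)
        # Constructed stand-ins for the two kinds of change a cleanup report lists.
        with open(os.path.join(theme, "images", "shortcode.php"), "w") as fh:
            fh.write("<?php // placeholder, not real malware")
        with open(os.path.join(theme, "index.php"), "a") as fh:
            fh.write("\n// appended line")
        current = snapshot(root)
        return php_in_media_dirs(current), changed_since(baseline, current)
```

Keep the baseline snapshot somewhere the web server user cannot write to, otherwise whoever modifies the files can update the baseline as well.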
Level #2 – Server OS/Firewalls Shield Zone
After being with many hosting providers in U.S. (dedicated servers and vps) I decided to go with a European one, it’s called Hetzner. Amazing prices on pretty strong servers.
The reason why prices are low is because you have to do the management of the server yourself. So we decided to hire an in-house SYS ADMIN guy who does the server OS updates, firewall tweaks, manual server monitoring and all the technical stuff for the server.
He is very powerful at what he does.
If you’re serious about your online business you need to invest in hiring an in-house guy. Believe it or not, most hosting companies (even the famous ones — I won’t say names) do nothing, but they are there just to collect your monthly payment.
What you need is a guy like Dimitris (our sys admin). If you’re interested in hiring Dimitris, contact me by leaving a comment below and I’ll set you up with him. I’m telling you it will be one of the best investments you ever made for security!
So that’s all. Now go out and lock hackers and malware away from your sites! :)
AND PLEASE DON’T FORGET THIS… if you enjoyed this post, please share with me your feedback, ideas or questions on the comments below! I’ll read and respond to each one. This will give me (and my partner) motivation to keep posting amazing free content for you.