Did your WordPress website get hacked ?

WordPress is an extremely popular open source content management system which is for blogging but also as a core business website. WordPress is a great CMS and has tons of features and plugins but being open source it also means that anyone can download it and view the source code including hackers. Most people install WordPress through their hosting company which may be offered as a “one-click-install” using Fantastico or Simple Scripts which makes it very easy. However, what most of people dont know is that that WordPress is such a targeted platform by hackers who know all the security vulnerabilities and can explore them. Most people are not tech savy when it comes to dealing with WordPress as it was installed from a third party website so they get stuck and end up with only headaches.

Most common hacking problems:

  • Weak Passwords
  • Outdated WP version
  • Being on a shared hosting
  • Incorrect File Permissions
  • Untested or Buggy Plugin-ins
  • MySQL Injections
  • FTP hacking

And the list goes on and on as hackers always find loopholes to dig in. The funny thing is that these hackers do it for the fun of the game not to really do any harm but its embarrassing to a business when a customer goes to the homepage to find a hackers message.

So what to do if your WordPress is hacked ?

First, this to do is change all of your passwords including server and FTP not only your WordPress. Second, take your site down and put a simple html “under maintaince” page so people dont see the hacked message. Third, go to your backups(assuming you have backups) and restore everything back to normal starting with WP files as well as database files. If this fails then you have to ask for professional programmer or WordPress expert to fix the issue.

Installing WordPress is one thing but keeping it safe its a whole different animal and appropriate security patches need to be added for future prevention. Hope this helps and if you need any help with WordPress let us know!

WordPress Shared Hosting is a Big NO

As we have mentioned before WordPress is not well optimized for majority hosts so therefore many WordPress sites run into very similar issues. WordPress uses up a lot of memory due to its coding structure but also the plugins management. Having a decent server is crucial to improving WordPress’s performance. When looking to either get a new server or move on to another its great to keep a few things in mind as the server could make it or break it.

Stay away from shared servers
Keep in mind that going for a shared hosting is not a great idea unless your resources are very limited. In a shared hosting environment you are sharing your resources with many other sites. For example: IP address, RAM, Bandwidth etc. What this does is limit your sites ability to perform as it should as the other websites’s scripts maybe running hight and using up a good percentage of that memory. This is where WordPress runs into issues as its being limited use the memory it needs. We’ve seen large WordPress sites take up as much as 256MB.

Also, if you are sharing IP address across 100 other sites the chances are high that one of this domains is spamming search engines and they may block that IP that you are sharing.

Conclusion, from experience we’ve seen WordPress websites perform a lot better when hosted to a private server with a dedicated IP. However, owning a virtual private server comes with its difficulties as you will most likely need some technical knowledge to set it up and maintain it.