• Skip to main content
  • Skip to footer

Solo Web Solutions

Simple & Straightforward Websites

  • Home
  • About
    • FAQ
  • Our Work
  • Our Services
    • Website Design
    • Lead Generation
    • Reputation Management
    • Website Protection
  • Blog
  • Contact

Written by Cheryl Leave a Comment

What I Learned About Security This Weekend

securityIt is sad that some people are determined to wreak havoc on the lives of others. Whether their objective is to be destructive or to use your site as a medium to make money, the result is the same – someone gets hurt.

They are very smart yet they choose to use their knowledge to harm instead of to do good. What a waste of a good mind!

I spent the weekend putting out fires. First determining that a client’s site had been hacked, then convincing the hosting company that it was so, then trying to figure out what to do about it. For instance, files kept appearing after deletion.

While it was a stressful weekend, I did learn a few things, and perhaps I can avert something similar happening to another client.

Change the cPanel password at the first sign of trouble

If your password has somehow been discovered by a hacker, they can get into your site, or worse yet, your host and make all sorts of additions, deletions, changes.

I use WordPress, so my first inclination was to change the WordPress password, which I did. And to look to see if anyone had added themselves as an administrator.

The cPanel password also needs to be changed. Even though I was assured that the cPanel password is stored on the host server and totally secure, anything’s possible. And if hackers get that password, they can steal the whole site.

If your backup is infected, there’s no way to get ahead of the situation

The host does daily, weekly and monthly backups. But you may not know when the attack occurred, so going back to a previous backup may not solve the problem, even though the site appears to be okay visually.

Having a good network of go-to people to help is invaluable

Keeping websites secure is a full-time career for many. Trying to stay ahead of the game is challenging at best. You have to think like a hacker to beat him or her at the game.

To try to be an expert in security while pursuing a different career is impossible. You have to defer to the experts, or at least others who have had similar experiences.

Developing a network of experts, go-to people, experienced people is crucial when these situations arise. I am so grateful to have a handful of such people in my life.

I discovered a good plugin to help detect security issues

Recommended by one of my contacts, I installed Wordfence, which is a WordPress security plugin. The culprits were found and removed.

Whether it’s enough protection remains to be seen, but I at least feel a sense of relief.

Backup Buddy is not what it once was

I have used Backup Buddy to do my backups over the years and it’s a great tool for transferring sites from my server to the client’s server once a site is ready to go live.  But I am suspicious of the tool now.

During my investigations this weekend, I kept seeing that Backup Buddy backups had issues. I’m guessing it’s a security issue, but I haven’t read anything specific on that. More research is required.

I mention it simply because it was my own observation, and it was also a conclusion drawn by a reliable, experienced contact.

I must say, though, that I have Backup Buddy on my site and running Wordfence did not show any errors on my site. Still, there could be a vulnerability there.

If you suspect your site has been hacked, please contact your webmaster or host immediately.

Related posts:

Hacked Websites Can Have Long Term Effects
How to Back Up Your WordPress Site
It's Urgent That You Keep Your Work Environment Secure

Filed Under: Security

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Footer

  • Email
  • Facebook
  • LinkedIn
  • Pinterest
  • Twitter
  • YouTube

Copyright © 2023 Solo Web Solutions · Privacy