Has your WordPress been hacked?
If you are experiencing an attack, we can remove malware quickly and close security gaps to prevent future attacks. Get in touch now.
Request a free scan
Not sure if you’ve been hacked, but suspect malicious activity? Let us scan your site free of charge. We’ll report back in 24 hours. We only need your website URL to get started.
WordPress by the numbers:
The widespread use of WordPress makes it a great target for hackers. New security gaps are discovered regularly and easily exploited by automated “bots” that mass-infect websites that are poorly secured and out-of-date.
million websites run on WordPress
are running out-of-date versions
WordPress websites hacked in 2016
of hacks were caused by just 3 plugins
A 2016 Sucuri survey discovered just 3 out-of-date plugins caused 25% of infections, including RevSlider, GravityForms, and TimThumb. Plugins and themes are common targets for hackers. Security patches are released frequently and when they are not updated, automated “bots” find and exploit these gaps across the web. These three plugins infected thousands of websites, and MILLIONS of visitors to those sites.
Recommendations for securing WordPress:
Always update core files, plugins & themes
Remember the Panama Papers? This massive data breach (4.8 million emails exploited) was easily preventable. The law firm’s WordPress website used an out-of-date and widely distributed plugin called Slider Revolution. This leak ended the tenure of several world leaders and altered the course of many more lives. What could they do to you?
Monitor file changes and block malicious traffic
Effective file-change monitoring will alert you when files have been altered without permission. If malicious code has been injected into your site, it will need to be removed carefully and completely to eliminate the threat without harming your site. A firewall should also be used to blocks malicious traffic.
Backup your site to another location
Backups stored to the same server are useless if you lose access to that environment. Offsite backups to the cloud are essential for maintaining continuity in the event of a severe attack. Backups should occur in real-time and there should be multiple versions of the site saved over a period of at least 30 days.
Our process for securing & maintaining your site:
We harden your site.
Our first order of business is to patch all existing security gaps, remove suspicious code (if any), begin configuring all security measures, and backing up your data. Every well-secured & maintained website starts with a strong foundation.
We lock it down.
We continuously scan for malware and remove anything that shouldn’t be there. To keep out the bad actors, we block malicious traffic with a firewall, and back up everything to an off-site cloud server.
Regular updates begin.
To ensure optimal performance and security, core code, plugins and themes are updated as patches are released. We monitor uptime and respond quickly should an outage occur. We also work to improve page load speed to improve user experience and search engine results.
We march ahead.
From periodic revisions to full-scale redevelopment, our diverse and experienced staff will help develop an intuitive website experience that delivers value and converts visitors. Our mission is to develop web properties that are purposeful, intuitive and aligned with organizational goals.
“WP Always has been a very consistent and responsive web development partner. Keeping our website updated and secure are high priorities. We rely on WP Always for daily protection and maintenance as much as we do their strategic guidance. Our relationship is valuable and appreciated!”Ron Emma
“We worked closely with WP Always to completely re-develop our website. Their support has been integral for developing a concept and managing the process from start to finish. We couldn’t be happier with the outcome and look forward to our continued partnership.”Mayda Barsumyan
“Working with Ryan and his team has been a blessing. In our company, we see Ryan & the entire WP Always team as an extension of our company. Whenever we have a problem, we run to them to help us and in 6 years they have provided project management help, information technology, web-site design and maintenance. I highly recommend WP Always to any organization looking to outsource their WordPress development needs.”Victoria Amador