What I Learned from getting Hacked and How to Prevent it

On Christmas Eve I decided to turn my laptop off  and have a wonderful few days off enjoying baby girl’s first Christmas. On boxing day I did a quick check of my emails and discovered that my blog had been hacked. They hadn’t got in through my username and password, but through a plugin I wasn’t using and had not updated. They had somehow injected malware into my blogs core files. My stress levels were about to reach breaking point.

I’m writing this today to share with you what I have learned from getting hacked, and hopefully help with some tips so the same doesn’t happen to you. It’s a very unpleasant experience, I felt violated. My blog is only about family topics and what not, it’s a baby fish in a the huge sea, so why would a heartless hacker want in?

 

Prevent Your Blog from getting hacked

I went self-hosted last Summer and have been learning everything myself as I went long. I thought having Wordfence was enough to stop getting hacked, but it’s not.

When my lovely blogger friends clicked onto my blog they were sent to spam pages. Pop-ups saying Congratulations you have won an iPhone 7 would appear. Totally not the image I want for my family orientated blog.

So what have I learned from this dreadful experience?

  • Update your plugins ASAP – check daily if you have any to update
  • Delete unused plugins – I had the Shareaholic plugin disabled and this was most likely the way in for the hackers.
  • Keep WordPress updated to the latest version
  • Delete old themes not in use anymore
  • Have strong passwords – combinations of symbols, numbers and letters. Not words or your partners date of birth!
  • Make sure you have good security installed – I have WP Security and Wordfence both installed.
  • It’s great to have a helpful host, who will try to get you out of a sticky mess. TSOHOST have been very good to me.
  • It’s costly! – I ended up paying Wordfence to professionally clean my site as my hosts helped get it back running but wouldn’t clean up the files.

These tips are only a guide and will not guarantee you getting hacked, but I’m pretty sure they will help you prevent the sneaky little so and so’s from getting in.

The only good thing is that Wordfence automatically upgraded me to their premium plan for 12 months by using their services. So now my site is fully protected against malicious attacks. It still worries the hell out of me when I get emails saying hackers are trying to break in. I think I’m always going to be on my guard. I put so much time and effort into my blog that it really is my second baby!

 

Do you have any tips for preventing hacks to your website? As always I love to hear your thoughts.

Thanks for stopping by today, and I hope these tips will help you keep the sneaky so and so’s at bay!

*This is a collaborative post

**Contains an affiliate link

3 Comments

  1. April 24, 2017 / 9:10 pm

    The thought of this terrifies me, I’m glad that you were able to get it sorted! I’m on Blogger so I don’t need to worry about the plugins, but I’m not sure what else I can do apart from changing passwords regularly and making sure they are strong. I’m glad that the host was able to help out it must be reassuring to know that you are fully protected now

  2. April 19, 2017 / 7:03 am

    Eek! That sounds horrible! I always update my Plugins when I’m told to, but I ought to check if I’ve got any I’m not using any more. Glad it got sorted, even though it was costly. Thanks for sharing these tips.

    • Rachel
      April 19, 2017 / 8:43 am

      It wasn’t the best experience, but I know I’ve learnt my lesson the hard way! Thanks for stopping by and finding my post useful xx

Leave a Reply

Your email address will not be published. Required fields are marked *