WP Minder

Maintaining WordPress

The Cost of Not Paying Attention to Your Website

by Leave a Comment

Not paying attention to your website can become a costly mistake very quickly.

Recently I had a client come to me for help for a site I’d built for them in 2014. The client’s customers were being warned off the site by their browsers when trying to pay for a product. Turns out the site had been hacked, and hacked very, very thoroughly. It was one of the worst cases I’d ever seen, with over 9,500 hacked files on the account.

The site had no backups, offsite or otherwise, except for the ones done by the host, and those didn’t help since the hacker actually got started almost 3 months earlier. There were a number of admin-level users registered that the client didn’t recognize (one was the hacker, whose account was set up last October). The site hadn’t been scanned in a very long time despite the security plugin that offers a one-touch site-wide scan for malware.

The initial cleanup and removal of the extra admin accounts, changing all the passwords on the server and site, locating the point of origin of the malware and removing as many files as I could came to around $250. The client had to have Sucuri finish the cleanup, as going through thousands and thousands of files manually was obviously not feasible – that came to another $199.

Please, pay attention to your website. If it’s an important part of your business, it deserves some care and time. Make sure:

  • You have a fresh backup located somewhere away from your hosting account.
  • You check your users – is there anyone you don’t recognize?
  • Scan your site. You can use a plugin or a remote tester like Sucuri Sitecheck.

Doing these three things on a regular basis will help you immensely if your site were to get hacked.

The other option is to have WP Minder take care of these things for you – if you don’t have the time to do it yourself, no problem. You don’t need to worry about it – that’s what we’re here for. Learn more about our WordPress maintenance plans.

New WordPress Maintenance + Hosting Plans Announced

by Leave a Comment

WP Minder is pairing with WP Engine to provide feature-rich maintenance + hosting plans for our clients.

You can get hosting with any Plan, from Starter to Premium, for only $25 per month. That’s a big savings off the usual fees at WP Engine.

Here are a few of the features of these new hosting plans:

One-Click Staging Area. This provides a safe place for testing new plugins, themes and functionality. We’ll perform WordPress and plugin updates here before making them live.

One-Click Restores. Even faster than our regular site restores, this feature lets us roll back your site to a previous clean version whenever needed. It acts as a safety net for your website.

Firewall and 24/7 Security Monitoring. If there’s a problem with your site, it’ll typically be fixed before you’re even aware of it.

CDN. Speed up your site by serving your static content (images, videos, documents, etc.) from one of twelve datacenters worldwide. Setup is easy and fast and doesn’t involve changes to your site.

WP Minder Peace of Mind. Get our site maintenance, WordPress advice and support, annual security audit and all other WP Minder benefits, too.

24/7 Phone Support. Website down at 2:00 am? You’re covered!

Learn more about our new maintenance + hosting plans.

Using WordPress SEO by Yoast? Update it now!

by Leave a Comment

WordPress SEO by YoastThe very-popular WordPress SEO by Yoast – which I really like and use in almost all my client sites, and my own – was found to have a security vulnerability today that makes it more open to hackers.

This plugin is used by over 14 million WordPress sites, so this is a big deal. The plugin has already been updated to fix the security hole, so please update it on your site(s) now.

WP Minder client sites have already been updated, so you are taken care of.

For information on the problem and how it was found, read more here.

Using Fancybox for WordPress? Update or Replace It Now.

by Leave a Comment

A security problem was found in the very popular Fancybox for WordPress on February 4 that led to many infected websites. The plugin was removed from the WordPress.org plugin repository temporarily until the plugin developer released a new version that patched the security issue on February 7.

If you’re using this plugin, make sure you update it ASAP.

Old Plugins are Security Risks

Unless you just installed it for the first time since the 7th, you shouldn’t be using this plugin at all.

Why not? Because until the patch on the 7th, it hadn’t been updated in over 2 years. Old plugins can cause lots of problems, including not being compatible with modern WordPress releases, conflicts with modern themes, and having code that is more prone to modern security exploits. In short, just because an old plugin is still working doesn’t mean it’s a safe choice for your website.

There are many Fancybox plugins available – I myself use Easy FancyBox which is kept current by its developers. Do yourself and your site a favor and make sure when you install a plugin that it is compatible with the current version of WordPress that you’re using. If you have any other really old plugins, take some time to find replacements.

Easy WP Guide 3.1 Released

by Leave a Comment

Easy WP Guide 3.1 by Anthony HortinI used to give my WordPress clients a book when we met for training. But as you’re aware, WordPress changes so often that a book just gets outdated right after it’s published!

So a few months ago I started giving my clients the link to Easy WP Guide. It’s a great resource on how to use WordPress, and author Anthony Hortin does a great job of keeping it fresh and up-to-date with new major WordPress releases. It’s free and comes as a PDF you can save on your desktop or laptop for easy reference (don’t print it though – it’s big).

Get your copy of Easy WP Guide 3.1 here. Or, learn more about what’s changed in the latest version of WordPress.

This site uses cookies to enhance your experience. By continuing you agree to the use of cookies. View privacy information.