A few weeks ago something truly awful happened.

The Business Betties website was hacked… and then blacklisted by Google.

And as cliche as this sounds, we never thought it would happen to us- being web professionals and all. But there it was, in all of it’s bright red, terrifying glory: Warning: Visiting this site may harm your computer.

 

When your website gets hacked. What do you do?

 

At 8pm on a Friday night, when most people are out enjoying the start to their weekend with a delicious dinner and a few drinks, we’re anxiously calling our hosting provider, fingers crossed that they know what’s going on.

The customer rep scanned our site and said, yes, there was malware SOMEWHERE on our site. Do a few updates to your theme and plugins and everything should be good.

 

Phew- well, that’s easy, we thought.

 

Until it ended up not being that simple. Four days of back and forth with the hosting company, digging around in the coding of our site, and still, when future clients typed in businessbetties.com, they saw the screen that you see now at the top of the page. (We screen-shotted it, so we could treasure this memory forever.) eek!

 

By the fifth day, we realized that FIXING this problem would be extremely time consuming (imagine spending hours and hours digging through lines of code), and potentially expensive. And so we decided to chuck the whole website and start over.

 

We realize that this is not the right fix for everyone. Since we’d be designing the replacement website ourselves, we have little to no cost there. And, we were planning on redesigning our website anyway, this just pushed up our timeline a little bit (or a lot).

 

The best way for you to avoid getting into a mess like this is to prevent it.

 

If nothing else, this has been a learning experience for us. We’ve taken the accelerated course on “how to protect your website from angry viruses.” We’ve worked with some experts who have showed us the exact steps to securing our website from being attacked again.

On an open source platform like WordPress, there is no such thing as 100% secure. But you can take steps to protect yourself as much as possible.

 

Here are some things you can do to help stack the odds in your favor:

  • Install security plugins
  • Keep your plugins and themes up to date
  • Use strong passwords
  • Perform regular backups

 

If we weren’t able to design and rebuild our own website, this website security breach would have cost us THOUSANDS of dollars. And even though we were able to take care of it ourselves, it certainly wasn’t convenient. And we know how bad it looked to everyone else.

Don’t let this happen to you. Be proactive. If this is something you think we might be able to help you with, please send us a note.