If you’ve been a victim of malware, you know how frustrating it is to remove. Unless you’re an expert, you may lose valuable time and money trying to figure out how to fix the damage done. This blog will explain what malware is, and how to prevent it from happening.
What is Malware?
Malware stands for malicious hardware. As you can probably figure out, is not something you want on your WordPress website. “The most common types of malware are viruses, trojans, worms, spyware and zombies,” states Website Defender.
This website explains different types of malware, stating that the most common type of malware comes in the shape of a virus. Viruses are very tricky to detect because they can live on your site for different periods of time without you knowing about them. Your WordPress site may act strange all of a sudden but it doesn’t always mean it has just been infected. The virus could have been implemented days, weeks, months, or even years ago before manifesting itself. The trick is, it acts like your own site for some time, which helps the site’s owner not realize that an infection has occurred.
A worm is a more extreme case of a virus. Viruses spread on one computer, while worms have the capability to travel between computers, thus making them much more aggressive when spreading.
A trojan is an attack that is masked as something else, like a photo or a video. For example, if you get an e-mail from an unknown address asking you to open a photo, the photo can actually contain malware in the form of a trojan. The trojan will then leave a virus on your computer.
Spyware is malware that people use to get information from people’s computers. First, the spyware gathers info. Then the info is sent back to the person who infected the computer.
Zombies are probably the most unpleasant form of malware for those that witness its effects. Once a zombie has been implemented on a computer, the controller can send commands that your computer will follow. Therefore, it can greatly affect your WordPress site, making it do whatever the controller wants. If you’ve ever operated your computer, only to be shocked to see it having a mind of its own, it most likely has been infected with a zombie.
Good Hosting Companies to Prevent Malware
From our experience, we have found that most types of malware affect WordPress sites through hosting companies. Hosting companies sell you space on the Internet where your WordPress site will exist. The best malware removal tip is to prevent malware from getting on your site. Two good hosting companies we can recommend are WP Engine and Siteground.
Although this hosting is very tech-heavy, it is also great for novices as they have very helpful customer service. Every single member of their staff is a hosting expert, and they will take the time to answer all your questions about what is malware and also steps to prevent malware. They offer time machine based backups for easy rollback or restores, and if your site does ever get hacked, they will take full responsibility and restore it at no cost. One great feature is that they offer a clone button of your live site that copies your WordPress site to staging environment. This is great for development as it create a “sandbox” site for development and testing without effecting your current, live site. The first level of hosting is $29/mo per site risk-free for 60 days.
NOTE: WP Engine doesn’t offer an email solution so this would have to be setup independently. Rackspace has dedicated email ($2/mo per user) or Google Apps for Business ($50/year per user).
For more affordable hosting, we like SiteGround, which offers competitive rates for hosting and is WordPress friendly. SiteGround claims that they create custom hosting for each WordPress site, making it faster and better. They often run promotions so you can check the site for their latest offers. Their first package starts at $3.95/mo for 1-3 years and then switches to $9.95/mo. For added security, we recommend adding CloudFlare and security plugins such as Login Lockdown, Sucuri’s one click hardening, BulletProof Security, Sitelock, or Wordfence. The best thing about CloudFlare is its capability of expediting and safeguarding practically anything online. This includes the great mass of websites, APIs, and other properties connected to the Internet. SiteGround has a built-in one-click integration with cPanel and a lower rate on the Plus plan. It can also help speed up the site.
Plugins to Keep Your Site Secure
Login Lockdown is a security plugin that has the capability of limiting the number of login attempts from a given IP range within a certain time period. Every failed attempt is recorded then the login function is disabled. It currently defaults to an hour lock out of an IP block after 3 failed attempts within 5 minutes.
Sucuri is a globally recognized authority in all matters related to website security, with specialization in WordPress Security. The Sucuri Security WordPress Security plugin is free to all WordPress users.
Bulletproof Security protects against known and unknown attacks like brute force login attack. It also features database backup and protection, and firewall security and protection.
Sitelock protects more than six million websites all over the world. It has all the technology to do regular scanning, auto-removal of malware, and web app firewall to ensure the safety of sites.
Wordfence is a security plugin that provides the best protection suited to a particular website. This is also powered by the constantly updated Threat Defense Feed, which allows WordFence Firewall to stop websites from getting hacked. Wordfence Scan leverages the same proprietary feed, alerting website users quickly in the event the site is compromised.
The team at Behla Design is dedicated to creating visual experiences that effectively tell our clients’ stories while engaging, exciting, and enticing their customers. Our firm consists of the top web design and development, WordPress, search engine optimization (SEO), and copywriting professionals. Our founder, Andrew Behla, has worked in the graphic, print and web design industry for over twenty years.
For more information about making your site mobile friendly, contact Behla Design.