The Challenge
A lot of small businesses, charities and other organisations rely on WordPress for their online presence. Yet it’s well known that WordPress by default has a large attack surface.
We have spent many hours removing malicious code and restoring websites. The impact on any organisation’s reputation can vary but is usually quite damaging, especially if it gets to the stage that the domain is blacklisted by Google. This means nobody will be able to visit the site until the situation is resolved.
The Approach
We first reviewed the site using open-source tools to identify the potential problems and plan a remediation strategy.
Once this was approved by the client and we were given access to their site and hosting company, we first ensured there were backups available, then updated the site, added security plugins where necessary, and trained the company on how to use them effectively.
The result is that the client is far better protected. They are also much more informed about the motivations and thinking behind potential attacks so they can protect themselves as well as their organisation in the future.