SoCalCreations Security Services

There are well over a Billion websites online today, according to internetlivestats.com. As of the writing of this, 52% of them run on WordPress according to builtwith.com.

 

 

  • Top 10,000 Sites 31%
  • Top 100,000 Sites 36%
  • Top 1,000,000 Sites 46%
  • Percent of Total Active Websites Using WordPress 52%
  • UNPATCHED – POTENTIAL HACKABLE WORDPRESS SITES 55.5%

More than 55% of WordPress Websites are running a version with one or more very serious security holes that not only potential make the site unaccessable, it can take down a site, or be compromised to deliver malware to it’s visitors.  These sites can then be used to attack other websites, spread malware, and even collect visitor information…. with these problems, Google will deem your website unsafe, tag it as so as display a warning in the search results, as well as potentially remove your site from search results. [see Google Blacklists 11,000 sites]

Our History

I am reminded of…. if not taken back to when my first ‘hacked’ client contacted me in 2009.  Back then she had paid a company, probably an inexperienced person, to ‘fix’ her WordPress website.  I know we all start somewhere, but if you are going to ask for money, give a level of support or guarantee for your work.  The site was “cleaned” and then was prompted defaced for a second time in short order.  After the site was “cleaned” for the third time, I was asked to take a look.  Turns out all the person did was replace the WordPress Core Files and the Theme Files.  None of the Plugin files were updated or replaced.   The entry point of the attack came from a person using a ‘form’ with a SQL injection, which meant the issue was created using an out of date plugin, that was no longer supported and the malware code was now in the database, which replicated any time certain pages or posts were accessed.

I so loved tracking this down, solving the puzzle that I stepped back and thought for a moment.  There are NO SECURITY SERVICES FOR WORDPRESS, only the WordPress Codex on Security. (at that time).  I figured since I designed boarder security for small businesses and I was able to learn how WordPress runs and processes, there has to be a way to do layered security right on the server.

After months of research and testing, I came up with a way of doing simple layered security that prevents nearly all automated attacks, even the 0 – Day type.  Now that being said, we will be the first to admit, nothing is 100% full proof, but simple logic steps will make your site more secure than the next guy who has nothing but the default WordPress configuration…. because that’s all his Web Designer knows.

Our Guarantee

Ours is simply this…

If you get attacked by the same method within six months of us cleaning it we will fix it again for FREE.

Now that also comes with the fact that we will monitor and update your site for 6 months after it was attacked.  Why? To prove a simple, but effective point…. updates are a very important security measure to a website.  However we extend this level of service beyond just a fix, watching and updating for six months…. we also put in to place layered security that has been highly effective in thwarting automated attacks, since we discovered this process in 2010.  And we are happy to say, not a single one of our clients has ever been hit twice, even after we stopped monitoring them.  Now take that with a grain of salt… it’s not 100% effective, but neither is iThemes Security, WordFence or Sucuri, which are the top players.

So which is the best….. well that depends on

  • How important that your site stays online
  • How important is your sites data
  • Do you run e-commerce
  • What is your budget?

 

As with anything, there is NO MAGIC BULLET, or in this case SHIELD. It really depends on your analysis of importance that your site remain accessible. The more guaranteed up time, the more the cost of the protection and higher monitoring.

How SoCalCreations is different when it comes to Repair Services.

The simple fact is malware is on your site and you need it removed.

We got that and so does every other service provider.

  • There are those that request that you open a service ticket and the site will be cleaned based on interaction of the tickets.
  • There are other sites that promise a response time in hours and cleaned in the same amount of time.

 

The important question to ask is what are their methods of cleaning?

Most will run a scan and there are many good ones (Sucuri, VirusTotal, Unmask Parasites, WebConf and more)

They will identify the ‘type’ or ‘location’ of the ‘infection’ and then replace the files and scan again, if clean, they are done.

 

What’s wrong with that you ask?  

Well there are many types of malware code today and the ones that morph and or replicate can place themselves or ‘call home for code’ sections anywhere in your site.  Your site may appear to be cleaned, because the ‘scan’ said it was, but it still maybe infected.  A recent site we cleaned had code that would only trigger 20% of the time. Which means every scanner we threw at it came back as ‘clean’, yet, randomly it seemed, visiting the site would send you off to a spammy page.  The code was written so that if the author wanted to redirect visitors to different infected sites at anytime they could. The code also hid in multiple places, replicated the ‘calls home’ portion of the code, disguised it as images, javascript and other links, in several places on the site.

This is NOT a TWO hour job!  This is investigative work.

 

Simply replacing WordPress Core Code, Theme Code, Plugin Code, is just NOT ENOUGH, yet this is what most ‘malware repair’ places do, because it’s easy and the odds are, it WILL fix the problem.  We go looking for HOW the site got infected, which means we READ through Logs, Look through Code and the database, in addition to scanning the site.

By discovering HOW the site got infected could be beneficial for several reasons,

  • evidence of a potential security flaw (in WP core, theme or plugin)
  • misconfiguration of the server, htaccess, php.ini or WordPress
  • the ability to know how to defend against it, making a stronger layer

 

When we are done, the SITE IS CLEAN!

We will then get over to Google and make sure they know your site was fixed, if necessary.  Your site may be infected, but depending on when Google scans your site or someone reports it to them, maybe days or weeks it could have been infected or infecting the visitors.

%d bloggers like this: