Last month one of our customers had two posts defaced with a harmless message from the “White Hat Hacker” saying the site was insecure. This was clearly done for sport, and the White Hat Hacker thought it was funny, but we took it seriously. Within seconds the old posts were restored using WordPress’s built-in revisions capability; then we ran full source-code repository scans using Wordfence, which we discussed last month.
Turns out, even though all code was up to date, a vulnerability had been introduced, and a second update resolved it. But still, our customer was one of 1.5 million sites hacked as part of this exploit.
Hackers attack websites for sport and profit. A frequent strategy used by hackers who have cracked a site is to create an invisible window to the far left or right of the viewable screen with ads, and because those ads are displayed, the hackers get a small piece of the revenue.
Cool, eh? No harm, no foul, except when Google comes along and scans your site, they notice this, and your site is designated a hacked site in their search engine. This process takes several weeks, and it may take several more weeks before a friendly person gives you a heads up.
At which point, you freak out. BUT! If you have 90-day backups, just keep winding back in time till you find the unhacked code. This is something we pay a lot of money for, and it helps us sleep well at night.
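To show what "winding back" can look like in practice, here is an added example (not code from our backup or scanning tools) that checks dated page snapshots for elements pushed far to the left or right of the screen and reports the newest clean one. The snapshot dates, HTML, the `ads.example.invalid` URL and the 1000px threshold are all constructed assumptions, and only inline `style` attributes are checked.

```python
import re
from html.parser import HTMLParser

# Inline left/right offsets in px; large values put an element outside the viewport.
OFFSET = re.compile(r"(?:left|right)\s*:\s*(-?\d+)\s*px", re.I)
THRESHOLD_PX = 1000  # assumption: normal layout never uses offsets this large

class OffscreenFinder(HTMLParser):
    """Collects (tag, style) for tags whose inline style is far off-screen."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        style = dict(attrs).get("style") or ""
        if any(abs(int(m.group(1))) >= THRESHOLD_PX for m in OFFSET.finditer(style)):
            self.hits.append((tag, style))

def find_offscreen(html):
    finder = OffscreenFinder()
    finder.feed(html)
    return finder.hits

def last_clean_snapshot(snapshots):
    """snapshots maps ISO date -> page HTML; returns the newest date with no hits."""
    for date in sorted(snapshots, reverse=True):
        if not find_offscreen(snapshots[date]):
            return date
    return None

# Constructed sample backups: two clean nights, then two with an injected ad frame.
SNAPSHOTS = {
    "2024-01-01": "<body><p>Hello</p></body>",
    "2024-01-02": '<body><p>Hello</p><div style="border-left: 2px solid #ccc">note</div></body>',
    "2024-01-03": '<body><p>Hello</p><div style="position:absolute; left:-9999px">'
                  '<iframe src="https://ads.example.invalid/slot"></iframe></div></body>',
    "2024-01-04": '<body><p>Hello</p><iframe style="position:absolute;right:-5000px" '
                  'src="https://ads.example.invalid/slot"></iframe></body>',
}

if __name__ == "__main__":
    for date in sorted(SNAPSHOTS):
        print(date, find_offscreen(SNAPSHOTS[date]) or "clean")
    print("restore candidate:", last_clean_snapshot(SNAPSHOTS))
```

Hits need a human look before you restore anything, because some themes legitimately park screen-reader text or skip links far off-screen.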
There is another need for backups. Occasionally, plugin updates or theme updates will fail, leaving broken CSS or a corrupted database in their wake, and it’s very comforting to go into the backup server and hit the emergency restore button to push the previous night’s backup back to the live site. Makes you say “whew!”.