Do you know how much can a malware attack on your wordpress site cost you ? Most of us do not realise this until it happens to us, I have also realised the importance of wordpress security after getting attacked by Malware in 2018.
This Malware attack costed me > ₹ 100,000 /- and 6 months time. But please note I have immediately acted and took action to take control of the situation, but assume you were not in focus and leave such malware attack for more than 2 weeks it can lead to irreparable damage.
Read in details what happened with my diabetes blog in 2018 and how did I control the situation.
One day a participant of 8 weeks diabetes challenge (program I run for my diabetes blog ) has sent me a whatsapp message saying that, she is not able to access the tasks, when she opens the page, it is showing something in Chinese.
I thought maybe she has some issues with browser or something, I was doubtful but did not give much importance. But later on what happened scared me like hell. Later I could understand my blog would have been ruined by security issues like malware and hacking.
Going into the details, after that incident one more Reader of my blog reported some pages being shown in Chinese and she send the screenshot.
when searched for blood glucose meters in India in google, my website use to rank for position 2-3, but suddenly it shows everything in Chinese, you can see the picture above.
then I have got really doubtful and thought should act very soon and have searched on google and understood it is a kind of malware attack.
I was shocked, but I have to do something !!
So what can I do is take assistance from WordPress security experts like Succuri or wordfence. I felt wordfence is in my budget , So I have subscribed to wordfence premium which costed $99 per year.
Thinking that Site cleaning will be offered by Wordfence free of cost, But they they did not offer it free of cost but they have said that, they can give me a discount of $ 99 .
Original cost of site cleaning service is $179 but they are offering it to me for $88.
I thought ok, let me go with it, I cannot let my site ruined by Malware.
My 3 years of hard work
My 3 years of patience
Fact that it started generating money just 6 months ago
Traffic has dropped
With all these things in mind, I have paid for the service and wordfence team worked on it cleaned the site and generated a report which suggested things like
They mentioned they were not able to understand how hackers could get into my site.
Update all the passwords like hosting account password, wordpress admin password,FTP passwords etc.
Enable 2 factor authentication using wordfence.
Remove any plugins which are abandoned
My blog was making around 25000 per month at that time when this happened, My online course - 8 weeks diabetes challenge which I have made using learnpress was not accessible.
luckily all of the participants are in my whatsapp group and also are signed up for my Email newsletter, So I could carry on with the 8 weeks diabetes challenge program successfully.
Now how much did it cost $ 99 + $80 = $ 179
Cost in money was one thing clearly visible, But I have seen that before this malware attack happened my traffic also went down, Google was penalising me. I felt very bad.
I have lost more than a 1000$ by not having a Security plugin for my wordpress site dont do this # 1 blunder mistake I did with my Blog.
Let us assume you are earning 20000 per month, and if your readers understand your site is infected with virus, they will hesitate to use the payment gateway on your website.
Luckily I could manage to remove the malware and clean the site completely within a week but had issues with google search console with indexing of few pages, Traffic has come down by 50% that means loss of revenue by 50%.
My blog was making around 25000 per month and then after my revenues dropped to half till 8 more months.
So 8 x 12500 = Approximate loss of 1 lakh rupees.
As per a survey conducted by Netcraft there are 1,652,185,816 websites. Out of them 495,655,744 websites run on wordpress. i.e 30 % of the websites are run on wordpress, WordPress being open source is more predictable to hackers.
wordpress due to its functionality is the no#1 content management system
As per investigations done by Succuri, A wordpress Security expert out of 100 websites hacked in 2018, 90 were run on wordpress. i.e 90%
Using a good wordpress security plugin like wordfence or Succuri is an obvious recommendation but what are the other things which can be done to improve security of your wordpress website.
There are many wordpress security plugins like wordfence, Succuri, Allinone-WP security & Firewall, Malcare and Ithemes Security , you can read in detail about all the details about security plugins
My recommendations are just 2 of them Succuri and Wordfence.
As I was using wordfence since 1 year I will write a detailed review including how to setup wordfence soon
Is your blog earning more than 200 $ profit a month
install wordfence premium
Is your blog earning less than 50 $ profit a month
Install wordfence premium or wordfence free version
Is your blog not earning anything?
Install wordfence free version
As Bloggers we should take security of our website / blog very seriously like we take care of our home security. Creating strong passwords, using two factor authentication and good wordpress security plugin like Wordfence .
By doing all these you can secure your website from malware and avoid loss of money and time on your blog.
I want to hear tips you follow to keep your wordpress site secure ??
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.