Your Universal Remote Control Center
RemoteCentral.com
Custom Installers' Lounge Forum - View Post
Topic:
Ransomware has started going after Wordpress sites.
This thread has 4 replies. Displaying all posts.
Post 1 made on Tuesday August 15, 2017 at 16:50
Hasbeen
Loyal Member
Joined: November 2007
Posts: 5,272
Hey guys,

Just threw a blog post together regarding a new threat to small business WordPress websites. Seems in the last few weeks, ransomware has been targeting WordPress sites.

Now, before you start thinking this can't/won't happen to you, the average ransom is $1077.  So these a$$hats aren't just going after medium and enterprise businesses any longer.

They're going after anybody they think they can get $1000 out of, which really means just about any site in the U.S.

If you get hit with one of these attacks, you won't get your site back until you pay, and it's a gamble whether you'll get it back at all.  In short, don't give these guys the upper hand on your business, website, and domain name.

So, what can you do?

I go over the details here. [Link: paulryandesign.com]

If you have any questions, if you're not comfortable working in the back-end of your site, feel free to send me an email.

Take Care

-Paul
Post 2 made on Tuesday August 15, 2017 at 18:53
Brad Humphrey
Select Member
Joined: February 2004
Posts: 2,424
Had a person (that is not a customer) call a few weeks ago. Wanted me to fix their computer.
Me: "I don't work on computers. I do work on networks but not computers."
Person: "I'm sure it's something simple, can you at least look at it?"
Me: "What is it doing or not doing?"
Person: "I think it has a virus."
Me: "Why do you think that?"
Person: "I have a screen that says my computer is locked."
Me: "Oh!!! So you got the ransomware! And they want you to pay to unlock it."
Person: "Uhmmm.... I think so."
Me: "Yeah, you're screwed. Nothing anyone can do for you. I would suggest not paying them in hopes they will be kind enough to unlock it for you - after all, they are criminals and the ones that locked your computer in the 1st place. Hopefully you had all your stuff backed up. If not, lesson learned the hard way! Have a nice day"
Post 3 made on Wednesday August 16, 2017 at 00:29
Mac Burks (39)
Elite Member
Joined: May 2007
Posts: 17,501
Kind of OT... What I ran into with my own sites... Still happening because I don't have time to deal with it.

I had WordPress updates set to manual because when I had them set to auto I ran into issues where WordPress updates would break themes. Some core component of WordPress became vulnerable. A WordPress update would have fixed the issue before it happened.

Dozens, maybe hundreds, of core WordPress files had a bit of code written to the top of them. This code would bring up a harmless ransomware virus warning popup like the one below....



The browser window had to be killed by Task Manager but was otherwise totally harmless to your computer. The less savvy user might think that this is real and they would call the number and probably give up a credit card number.

Virus scanners, malware scanners, etc. won't find an infection because it's just popup code. You can go and manually delete the crap from each file, but since there are hundreds of WordPress files I'm just going to export my content and create a new clean WordPress install and load a new copy of the theme.

Bottom line...IMO...keep wordpress sites set to autoupdate.
Avid Stamp Collector - I really love 39 Cent Stamps
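One way to find files with code written to the top of them, as described in the post above (an added example, not part of the thread): compare each `.php` file with a clean reference copy and flag files where the clean content is preceded by extra bytes. The `audit` and `demo` names, the sample trees and the placeholder injected string are assumptions constructed for illustration; the clean tree stands in for a fresh download of the same WordPress version.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()

def audit(live_root: Path, clean_root: Path) -> dict:
    """Return {relative_path: finding} for .php files that differ from the clean tree.
    finding is 'missing', 'prepended:<n>' (n extra bytes at the top) or 'modified'."""
    findings = {}
    for clean_file in sorted(clean_root.rglob("*.php")):
        rel = clean_file.relative_to(clean_root).as_posix()
        live_file = live_root / rel
        if not live_file.is_file():
            findings[rel] = "missing"
            continue
        if sha256(live_file) == sha256(clean_file):
            continue  # byte-identical to the reference copy
        live, clean = live_file.read_bytes(), clean_file.read_bytes()
        if live.endswith(clean):
            findings[rel] = f"prepended:{len(live) - len(clean)}"
        else:
            findings[rel] = "modified"
    return findings

def demo() -> dict:
    # Constructed sample trees: stand-ins, not real WordPress files.
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        samples = {"index.php": b"<?php // front controller\n",
                   "wp-includes/load.php": b"<?php // loader\n",
                   "wp-includes/post.php": b"<?php // posts\n"}
        for rel, body in samples.items():
            for root in (clean, live):
                (root / rel).parent.mkdir(parents=True, exist_ok=True)
                (root / rel).write_bytes(body)
        # Simulate the tampering described: extra bytes at the top of a file.
        injected = b"<?php /* INJECTED-PLACEHOLDER */ ?>"
        (live / "index.php").write_bytes(injected + samples["index.php"])
        (live / "wp-includes/post.php").unlink()
        return audit(live, clean)

if __name__ == "__main__":
    for rel, finding in demo().items():
        print(f"{finding:15} {rel}")
```

Files that exist only in the live tree are not reported by this sketch. On a real install, WP-CLI's `wp core verify-checksums` performs the same kind of comparison against the checksums published for the installed WordPress version.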
Post 4 made on Wednesday August 16, 2017 at 00:55
chris-L5S
Senior Member
Joined: August 2008
Posts: 1,027
On August 16, 2017 at 00:29, Mac Burks (39) said...
Bottom line...IMO...keep wordpress sites set to autoupdate.

Or let Paul do it!
OP | Post 5 made on Wednesday August 16, 2017 at 09:22
Hasbeen
Loyal Member
Joined: November 2007
Posts: 5,272
On August 16, 2017 at 00:29, Mac Burks (39) said...
Bottom line...IMO...keep wordpress sites set to autoupdate.

Here's the problem with the WordPress auto update. In general, it can work OK. However, here's where auto updates can be a headache.

Sometimes a plugin or WordPress will do a fairly significant update. WooCommerce and WordPress both did a very big one about 2 months ago (at the same time). Now, they're asking every developer of plugins to make sure their 3rd party plugin is ready for the changes WordPress & WooCommerce made. In this case, most themes weren't ready for the combination of those updates, and if you had your site set on auto update, it caused a bit of a mess.

Hopefully, most designers and developers make sure they do backups before diving in. If you're set to auto-update, you may not have a good backup, you can't rely on your host to have one either, the auto update could turn your life into an instant mess.

I know Mac knows this, but other guys may not.... Think of the plugin updates the same way as you think of firmware upgrades for any number of AV products, where the firmware upgrades are patches and fixes for performance issues. An auto update to a Samsung TV may bring any number of HDMI extenders to a screeching halt.

In the case of websites, the performance issues are generally security vulnerabilities. It's nearly a 100% guarantee that if you aren't keeping up with your security vulnerabilities you have at least 1 form of malware on your site.

Here's where I think the big disconnect is for most people. Most business owners think that their hosting provider is in some way protecting them from these types of attacks. The truth is, they're not. They will, but it's an added service...bye bye $5 per month hosting. Most people who sign up for web hosting simply don't know what they don't know, and in my opinion shouldn't be expected to know.

What makes matters worse is that when you're on "shared" hosting, if there's a vulnerability to any one of the sites on that server, it can infect all of the sites on that server. Then your host puts your site in quarantine until you pay them to fix it. At that point, you're going to spend hundreds, possibly thousands, of dollars.

Here's an example of one of my customer's sites. While I was building his new site, he received this from GoDaddy. In this case, it didn't matter because I was taking over his hosting and building him a new site anyway.

In the end, it's best practice to make sure your plugins are up to date, you have proper security on your site, and you're doing backups. If you need any help or have questions, don't hesitate to send me an email (email in signature).

Paul Ryan Design  Malware Example

