We have been made aware of hundreds of Wordpress site hacks today. The hackers change user accounts and add folders with redirection code that points to phishing sites.
We are working to try to clean up as many sites on our servers as we can but this appears to be a problem embedded in Wordpress and we have reached out to them to check for any security updates that can be done to stop this. We will try to help you fix your site if it is compromised but cannot be responsible for your site content.
If you have a Wordpress website:
- Please check to see that it is updated to the latest version - currently 5.1.1.
- Check that all plugins are up to date.
- Change all wordpress passwords and use the complex autogenerated ones that WP will make for you.
- Check the whole site to see if there are any extra folders with redirection code - most of these seem to be random alphanumeric folder names.
- If you used a web designer, have them check the site for any unauthorised changes.
If your site is displaying a security warning in Google, follow the details link to report the site as clean once you have removed any extra content. You should also sign up to google webmaster tools to check the site status.
Tuesday, April 9, 2019