I have a few old blogs. They were kind of popular. They operated for years.
The sites kept getting hijacked. I could not keep up with it myself. I ended up giving up. Google took my sites and banned them from the search rankings etc…
I want to hire someone to fix the sites, and keep them safe.
I want to relaunch the sites, but still keep the old posts, as they did get traffic when they were indexed by Google.
What should I do? Thanks for any and all help.
I own the .com’s
The sites are self hosted Wordpress blogs.
The blogs are mostly sports blogs.
I am hosted on BlueHost
Did you use strong passwords? It doesn’t matter how secure the rest of the website is if the passwords can be guessed or discovered using brute force dictionary attacks.
Did you keep wordpress updated? Or leave it stagnant and thus allowed known vulnerabilities to be utilized? Do you have outdated plugins installed? An outdated theme?
Well first off, you will need to see how clean your data is from the old sites (whether the attacker injected any content into your posts, XSS requests, etc). If the data looks good, export it (I believe you can find that option in the Settings area of the Admin Dashboard).
Next blow each site away and do a clean install, import the data, and monitor it regularly.
I would suggest moving most of you php code outside the DocumentRoot so no one can execute any php files, directly from browser, other than those that are the essential ones. Haven’t investigated how to do that specifically for wordpress but the CodeIgnitor php framework gave examples on how to do that.
Use case sensitive password.
Want to indexed by google - Post something in your blog, then share, and add some comment on that. It depends on traffic, then google easily indexed your blog.