HawaiiWP.com

Hawaii's Small Business Website & WordPress Resource

Check out HawaiiWP.com on Yelp
  • Getting Started
  • Moving Forward
  • Services
    • Quick Help
    • Website Review
    • Complete Website Management
    • Malware Cleanup for Hawaii’s Websites
    • How Much Does a Website Cost in Hawaii?
    • What’s the Process of Putting Together a Website?
  • Case Studies
    • Church and Non-Profit Websites
    • Art & Creative Websites
    • Features
    • Portfolio
  • Tips & Articles
    • WordPress Tips
    • Marketing Tips
    • Seminars, Meetups, and Events
    • DIY Plugins & Tools
    • DIY Website Steps
  • About Me
    • 日本語
You are here: Home / Wordpress Tips / How We Managed A Recent SPAM Injection Attack

How We Managed A Recent SPAM Injection Attack

April 11, 2013 By Arlen Nagata

NoSpam

Recently, a formerly trusted plugin was found to be a gateway for SPAM to get into 1,000,000+ websites.  The plugin was called “Social Media Widget”.  

It provided a simple enough function.  It allowed users to easily add  links to their social media accounts.  Something like the picture below.  

Social Media Links

If that was all the plugin did, it was fine.  But when v4.0 of this particular plugin was released, it contained some undesired code which allowed SPAM to infect many websites.  

Once we saw this in Google+, we immediately went to our website management console and found that we had 4 websites using that plugin.  We use a WordPress Management console called Infinite WP.  It’s a great tool that I’ll post a video about in the future.  

InfiniteWP allowed us to search through dozens of websites, bulk deactivate and delete the offending plugin and within minutes, our websites were secured and the SPAM vulnerability was mitigated.  

We pride ourselves on the safety and security of  the websites we manage for our clients.  Among the many measures we take to ensure your business website’s security are the following:

  • We use strong unique passwords for each website and database.
  • We use only managed WordPress web hosts (one that specializes in WordPress and takes security measures seriously)
  • We use several security plugins on each website to combat many basic and advanced website attacks.
  • We make regular automatic offsite backups.
  • We keep all plugins, themes, and WordPress core updated regularly
  • Our highest traffic sites are encrypted with SSL security for logins and all administrative tasks.  

If you are a client or ours, be assured that we value our relationship with you and we spend hours each month maintaining the security of your website.  

For others reading this article, how do you manage the security of your WordPress website?  We’d love to know in the comments.  

Share this:

  • LinkedIn
  • Facebook
  • Twitter
  • Pocket

Related

Filed Under: Wordpress Tips Tagged With: security, SPAM

About Arlen Nagata

Small Business Web & Tech Solutions

Arlen makes Tech and WordPress web design simple. If it’s all “Geek” to you, you need Arlen. For years, Arlen has been keeping up with the trends of technology and WordPress web design. He provides simple, easy to understand help for others with their technology and website needs.

HawaiiWP.com LLC BBB Business Review

Search The Archive:

Articles:

  • Case Studies (5)
  • DIY Website Steps (10)
  • Features (2)
  • Marketing Tips (8)
  • Meetup (5)
  • Plugins & Tools (6)
  • Portfolio (32)
  • Starting Steps (10)
  • Website Solution Features (2)
  • Wordpress Tips (72)

Contact Us:

HawaiiWP.com LLC
91-906 Nohoihoewa Pl
Ewa Beach 96706
Phone: 808-232-7921
Email: Arlen@HawaiiWP.com
  • Getting Started
  • Moving Forward
  • Services
  • Case Studies
  • Tips & Articles
  • About Me

[footer_backtotop]

Copyright © 2022 HawaiiWP.com LLC · Log in