My website was hacked/compromised in January of 2016. You can read the whole story here from my experience with A2 hosting. I thought I had it cleaned up, but it was suggested to me to have it scanned by a professional website cleaner. The referral given to me was Makis Mourelatos from FixMyWP – http://fixmywp.com/wordpress-hacked-fix.
Side note – I believe the reason my site got infected/malware was because at the time I had multiple WordPress installs and sites on my hosting package. I could have multiple sub-domains and I would use them for practice sites. I also hosted a couple friends’ small sites on my hosting. I simply forgot about the sample/staging sites, which meant that I wasn’t updating plugins and themes for perhaps years. This is extremely bad practice. I should have kept track of what was on my site!
I did put security plugins on all my sites (I use either iThemes Security or Wordfence). I started getting a lot of notifications of things going on with the friend sites. I finally made the decision at the end of 2015 to move those sites to the free WordPress.com where they are updated automatically.
I went to check out his website. It was very professional, well-written and presented. Since this was a referral from someone I trust, I didn’t look at any testimonials, but you may want to take a look – there are A LOT of them!
The File Scanning Process
I filled out the form on the website and Makis got back with me the same day via email with a quote. Makis is from Greece, but speaks (or writes), excellent English. To my surprise (and great delight), he also wrote that he would scan my site in exchange for my review of my experience in dealing with FixMyWp.com. He hadn’t asked anyone to do this in the past, but he said he liked the way I write! I do reviews of software all the time, so I happily agreed.
He sent me a secure form where I entered in both my website and cPanel credentials. He quickly tested them and let me know they worked and he would get back with me within 24 hours to let me know the results.
Makis emailed me within 24 hours and said after scanning all my theme and plugin files both locally and on-line, he found no malware. All the tests came out as clean – yay!
He also upgraded my site to WP 4.4 and he noticed that my W3 Total Cache plugin needed .htaccess rules to complete its configuration (I was going to try to figure that out later myself). But he went ahead and did that for me – woo hoo. He checked all my plugins to make sure they weren’t deprecated and said they were fine. He checked plugin compatibility for me and let me know some declared they were not compatible with the latest version of WordPress, but that was normal since I had just been upgraded to 4.4.
He also let me know his service included taking a backup of my site and storing it in his cloud storage for 2 weeks in case I had problems within that time period. On top of that, I also have his services for 2 weeks in case I think I’ve acquired malware. Nice. He finished up by assuring me my site was clean and to ask any questions I might have.
Dealing with FixMyWP.com was a very positive experience. I should note I have never had my site scanned for malware – this was a first for me, so I have nothing to compare it to. What I do have is experience with several WordPress related businesses since I purchase themes, plugins, hosting and listen to quite a few WordPress podcasts. I’m familiar with services in this industry and have high expectations.
I’m happy to say that just about all my experiences in the WordPress realm are very good. That’s probably why I’m still using WordPress and why I’ve been running our local WordPress meetups for the last 3 years. It’s a great community, whether I’m with my local group or communicating with Makis in Greece.
The FixMyWP.com Difference
For my article, I did ask Makis what it is that makes him stand out from all the other businesses out there who do the same thing he does. His answer (quote below) shows he approaches each job with creativity—he knows each site is unique and adjusts his methods to obtain the best result for the particular situation.
“What’s special about me is how I approach a WordPress hacked site. My experience with hacked WordPress sites helps me to understand why a WordPress site was hacked in the first place. I have a routine that I always follow but depending on the hacking signs that I find while working on the infected site I change the way that I deal with the hack.
I also do online and offline scans of the WP site files and compare the results. I don’t do anything special meaning everything I do is available if you spend some time searching about cleaning a site. Paying attention to all the details of a hacked site, working under a specific routine and my holistic approach to this problem is probably what makes me different.”
I hope none of you have to go through the hassle of a hacked site. If it does happen, save yourself time and headache by contacting FixMyWP.com!
My note – this article originally appeared in February of 2016, but it was lost during a transfer.