Well, it’s been about 6 months now since I started this business and I continue to learn more and more every day.  Today’s topic is website security, which I recently gained some firsthand knowledge about.

I went on vacation to the Oregon coast and just got back and found that when I tried to pull up my website I got an error message and notice to contact my hosting service.  I did, and they informed me that my account had been suspended due to malware files on my site.  They gave me a list of the files I needed to delete, which I did, and told me they would re-scan my site and it should be up within the hour.  The next day, it was still down so I called them again and they said it should be working and I may need to clear my cache.  I did a “soft refresh” (ctrl-F5) and everything popped back up as normal.

Next I needed to update my plugins – I had 7 of them out of date.  I ran the updates and then found I had about 35 comment spam messages waiting.  I had installed the “Anti-Spam by CleanTalk” plugin which had been doing a great job catching spam comments but there was a short lapse in their service because I didn’t realize there was a free trial period and then you have to pay $8.00 to activate for a year.  Spam comments have been such a pain in the rear that I went ahead and paid them to reactivate.  It seems worth it to me but I’m so new at this I don’t know if I’m doing it the right way or if there’s a better (or free!) way to do it.  Anyway, for $8.00 it’s not a big deal.

I was also referred to SiteLock by my host and a very nice sales lady contacted me yesterday to pitch their service.  She sent me an email with some info on their products and the first thing I looked for was “how much is this going to cost?”  The answer was “Retail – $99.99 per domain per month or Approved Discount Rate – $69.99 per domain per month.”  Aaaaarrrrrgggghhhh!  They must think I was born yesterday because I KNOW there are less expensive solutions out there.  Seems like overkill for my little startup business and simple site.

Anyway, I got another message from my host and they said the hosting package I purchased already included a credit for the SiteLock service which I had not yet applied.  So, I logged back onto the hosting service and lo and behold, the credit was there.  I followed the instructions and applied for the credit so now it looks like I might be covered after all.

Ok, I think it’s now under control but now I’m worried about my clients’ sites.  I’ve been making sure to keep their WordPress, plugins, and themes up to date and haven’t had any problems yet, but there’s one client who’s on a different host and I’m unable to update their WordPress version and any plugins or themes because it keeps telling me it “cannot create the directory” or “cannot delete the old plugin/theme”, etc.  I spent all day yesterday checking the forums for a solution and have tried just about everything they suggested and it still doesn’t work.  I guess I’ll have to contact the host for help but I talked to them some time ago and they were not very helpful about it.  Anyway, that’s a topic for another day.

It’s sad that there are people out there who don’t have anything better to do than malicious malware attacks or spam or running scams, etc.  There are so many ways to make good money in this business legitimately just by providing good and honest products and service to people in need.

I hope you are all having a wonderful summer and I look forward to growing my company and helping many more small businesses become more visible on the internet with their new websites!