For the radio show last week I was driving and had to call in.
It’s poor sound quality for me but good quality stuff. Take a listen…
Securing WordPress
First of all – let’s talk about securing your WordPress site.
- Backup your entire site on a regular basis. Don’t forget. Also it’s good to put that file somewhere other than your server. I store mine over on Amazon S3.
- Update, update, update. Plugins, Themes, and the core. The safest version is generally the newest version.
- Speaking of that, hide your Version. Make sure you are not broadcasting the version of WP that you are using.
- Always use secure and different passwords.
- Use a secure username (not admin).
- Display your name as something other than your login name.
- Don’t use wp for your database username.
- Limit login attempts.
- Use security plugins (like Sucuri, Wordfence).
Securing WordPress is all about not becoming a victim.
Now let’s talk about recovering from…
Recovering from Malware or Hacking
Since time is of the essence – scan for malware but call in a professional.
https://sitecheck.sucuri.net// is a free way to scan.
Go scan your site right now and make sure you are cool.
If you have malicious code go straight to a professional.
Sucuri does a great job cleaning all the files and getting your site back up and running.
WordFence is a great plugin as well.
Generally, Sucuri is focused on cleaning up the mess after, while WordFence focuses on not letting them get in there in the first place.
The WSOD
Like the infamous Blue Screen of Death that most people who have used a Microsoft product are familiar with, WordPress has it’s own version and it’s usually all white.
If you get the dreaded White Screen of Death here’s what to do next.
What was the last thing you were doing? Messing with a plugin? Messing with theme files? Don’t do anything but think about what you last did in your site.
Plugins
If it was editing, adding or deactivating a plugin… start by deactivate all your plugins. If you can’t get to the plugins in your dashboard, go in via FTP.
Go to wp-content and find the plugin folder and rename it. Most people will rename the folder “PluginsOLD”
Did that fix it? Now start by adding back your plugins one by one.
Theme Files
Were you messing with the functions.php file? First of all, that’s a very dangerous thing to be doing. Stop doing that.
Usually via FTP upload a good version of the functions.php file (or whatever file you were last in.)
Did that work? Now always use a child theme and modify that instead of the parent.
Other stuff
Sometimes you don’t know what messed up – but something certainly happened.
If that’s the case, start with the plugins. Rename the plugins folder via FTP – if that fixes it, it’s a plugin.
If that doesn’t fix it – do the same with your themes folder – did that fix it? If it did, your problem was a theme.
You might also see something like “Error establishing a database connection”?
It’s probably a bad wp-config file.
If you still have a problem – try reinstalling WordPress.
If it’s a core file issue, sometimes this will work.
Check your .htaccess file. Using FTP, rename it. Did that fix it?
If it did, by re-saving your Permalinks, you’ll generate a new version of the file for your site.
It also should be mentioned – is it just a server issue? Is your host down?
Contact your host and ask them if it’s you or them.
Is the WSOD cached? It might not be you at all. I had a client once who I had fixed their site but on their computer it still wasn’t working. After an hour of working on the site it turned out that their browser was caching the WSOD after I had fixed it. This is why tech support will always ask you to clear the cache.
Plan B
B is for Backup. Simply restore a backup. That’s why you had the entire site regularly backed up and stored somewhere in the first place – right? If you did, you could be just a click away from back to normal.
Call to Action: I can schedule regular backups and deliver them to my Amazon S3 server for you. I offer it to all my clients and most everyone else. Cost is just $120 a year. When disaster strikes, forget about all the above. A proper backup will restore you back to health in just a few clicks!
- The Ultimate Guide to Writing the Perfect Blog Post - March 14, 2023
- 8 Questions Your Web Developer Should Have Asked - April 27, 2021
- Slack, Chat or Discord? - April 6, 2021