Been dealing with a ton of problems lately with malicious content getting onto my wordpress sites and making everything run slowly. All of this could have been prevented to. I heard of the security issue with the old TimThumb script but didn’t do anything about it. Nothing was wrong with my websites so why would I need to change anything…. some really stupid thinking on my part. Your best offense against hacked sites is your best defense.

TimThumb is a PHP script that resizes images. It was used by a lot of different themes and plugins and if  it is an old version it can be hacked. You can fix this by simply updating the script.

Here are some preventative steps to take

  • Always update wordpress, wordpress fixes vulnerabilities and the older your version is the more susceptible you are to getting hacked.
  • Check if you have TimThumb on your computer. Download the TimThumb vulnerability scanner in your wordpress plugins and upgrade.

If you think your website has malicious files on it ask your hosting company to do a scan of all your files to find them.

When I contacted dreamhost I got tons of malicious files that I had to go in and manually delete, or replace with clean files. I would suggest finding all files that are considered malicious and renaming the extension to .infected. This way if it is a file wordpress needs you still have that file you just need to change it back.

Further steps you an take are running Sucuri Scanner. This scans for malicious files and also hardens your wordpress install to prevent future attacks.

I also started using Cloud Flare on my sites and they have a security feature which blocks hackers and malicious bots from even entering your site with a captcha page.

Need an E-Commerce Website?

Shopify is perfect for beginners and experts. You don't need to have any technical or design experience to easily create a beautiful online store with your branding. Choose from tons of well designed e-commerce templates that look great on desktops, phones, and tablets. Easily customize, create pages, add products, and you're pretty much ready to accept payments. Plans come with a free no risk 30 day trial period. Check out our in depth review of Shopify here and see why Shopify is our number 1 recommended shop for clothing companies.