For those of you don’t run their own website, this post probably isn’t going to mean much to you, but for the rest of you, I think you’ll appreciate what I learned recently.
Last year during the Thanksgiving Black Friday sale, I was able to buy a year of web hosting for like $25 at HostGator. I put one of my smaller mainstream sites over there. I mean for a price like that, what can go wrong?
I know, famous last words.
Turns out, you really do get what you pay for.
The website I host with HostGator is a small WordPress website that gets less than 100 unique visitors a day.
This little website never really gives me any trouble. For the most part, it stays up, with an occasional 10 minutes down here and there — so I wouldn’t normally complain about the hosting.
But last week I got an email notifying me that my WordFence plugin was deactivated, by me. Now considering the fact that I didn’t deactivate it, I decided to log into my WordPress admin and see what was going on.
Turns out the site had gotten infected with Malware, so anytime anyone visited the website, a few of those pesky popups would appear.
I contacted tech support and they immediately redirected me to a third party company which they use and they require $150 to fix the problem for me.
I knew where the Malware was. I could FTP in and see where they had created a folder and were running a script. The only problem was, every time I tried to delete said folder it would come right back.
I wasn’t going to pay my hosting company for web hosting and an additional $150 to delete a damn folder for me. So this time I called in. Their support informed me, that they are not allowed to delete files from my server.
So I asked him, what exactly is it that you do then as tech support for host gator. He couldn’t really give me an answer.
But for $150 this 3rd party could clean up my website of the nasty Malware. They didn’t guarantee it wouldn’t come back, but at least, “for now” it would be gone. Now for $1440 they would protect me in case it did come back.
I explained to him that for a fraction of that price I could just take my website to a new hosting company and have it done for free. He didn’t seem to care.
Still, I was determined not to be defeated.
I knew I could pay WordFence $99. That would save me some money, but still, that seemed high. I just wonder if there was something else I could do myself.
Here is what I did ….
#1 I made sure there were no other users, other than myself. If there are other users, and you know they don’t belong there, delete them at once.
#2 I delete my theme and re-uploaded a fresh copy of it so that just in case they have infected any of my theme files, I got rid of that issue.
#4 I made sure all my plugins were updated. I then deleted any plugins I didn’t absolutely need.
#5 I deleted WordPress completely – I didn’t just install an update. I mean I actually FTP’d into my server, deleted all the WordPress files manually and then installed a fresh version of all the files that I had downloaded earlier from WordPress.com – obviously except my wp-config.php file. Make sure you don’t accidentally delete that.
Turns out the hackers had inserted an extra file in my WordPress wp-includes directory that didn’t get deleted/updated when you updated WordPress because it wasn’t really part of the WP core files.
So next time you have an issue, don’t just give up and pay the money, try and fight it yourself first. With a little patience and persistence, you can get rid of the problem on your own.
Side note: Just to be safe I also deleted all my plugins and installed a fresh copy. I also updated the password to my WordPress database installed on that website, making it slightly longer and more complicated. I wasn’t sure if they had compromised my database but it’s always better to be safe than sorry.