Wordfence : Best plugin to Protect your WordPress website
From last few months my WordPress blog traffic decreased a lot. I was not able to find out what was happening to my blog. I tried all methods to find the exact problem, finally I installed a plugin called Wordfence which found out the reason for decrease in website traffic.
The best part of using WordPress as a platform for blogging is, use of plugins. Plugins really help in all possible way to increase your WordPress blog performance in search engines. Plugins like Wordfence has helped me in finding errors in my WordPress themes files and viruses/malware in core files.
Yes, my WordPress blog was hacked and virus/malware was injected into WordPress themes files. This has led to almost decreasing 75% of my blog traffic, you can see the monthly stats of my WordPress blog. This will clearly show the current status of my blog.
This was the worst phase of my WordPress blog. When I was on the peak of getting traffic, my blog got attacked with virus and malware. This can happen to you as well, hence do protect your website by using some good plugins. Wordfence is one of the best plugin I am using now, to protect my website.
After noticing the continuous decrease in my blog traffic, I have installed the Wordfence plugin on my website. This plugin helped me in finding all the infected or malicious files present in my WordPress core files. After scanning all the files, Wordfence has shown some of the malicious files present in my server which are redirecting my website to some vulnerable pop up websites. Below was the report send by Wordfence, to my mail.
You can see as per the Wordfence report, my WordPress core file index.php and wp-includes files where modified. When I opened these files big code was written which was difficult to understand. When I copy pasted the code in google translator, I came to know it was written in Corsican language. Below is a screenshot of a script code in a virus/malware file found in my website while scanning.
So, finally I removed all the malicious files from my WordPress core files. Do a complete backup of your website before deleting any of these files. We should regularly perform backup of our website, backup files can be used when your website is attacked by hackers or viruses.
How to protect our website from viruses?
There are many factors which helps hacker to hack or inject malicious files into your website core files. If you are not protecting your website, these hackers take advantage of such situation and destroys your website, which happened with me. You can take care of below things to keep your website safe from hackers.
Remove all inactive plugins and themes: These are best places for hackers to modify or place virus codes in your website.
Change your password regularly: The admin should regularly change the password and if possible add two-step verification process to add more security to your WordPress website. Limit the fail login attempts. Hackers can easily find the password if you do not limit fail login attempts.
Finally, install good WordPress protection plugins like Wordfence to keep your website secure and protected from hackers.