How a plugin almost destroyed her business. Beware!
A friend of mine got her blog almost completely shattered. We've worked hard to get it back to order. And furtunately, we succeeded.
What happened?
She got to the plugin repository of WordPress and filled her blog with free plugins. In the process, she got a 'backdoor' plugin.
A backdoor is a malicious piece of code that is used to provide the attacker with unauthorized remote access to a compromised web space by exploiting security vulnerabilitie
Such infections are generally difficult to handle. Most often, restoring a backup copy of your blog cannot solve the problem.
Sometimes, it requires special skills to manually deal with a backdoor infection. Most WordPress Security Apps out there can't even handle it.
Plugins are good but ...
The trainings offered here have recommended plugins I believe should drive your blog successfully.
But if you feel you need an additional plugin, if you are not really sure about it, I think it's a good thing to ask first.
Most starters are quick to install a plugin that does this or that. Do you really need that next plugin? Is it adding any value to your business?
We are here to help. We are building together. Don't do it alone especially if you are new.
Ask before you install.
Let's keep giving.
Recent Comments
96
Thanks for sharing Enstine. I was not aware of such malware, but will certainly be cautious about use of new plugins now, Best Alan
Great advice, Enstine! That's too bad about your friend's site. Glad it's back to normal. I had some issues when I first began here that SiteSupport fixed---it was from a plugin not being compatible and interfering with the other ones. Now, I use five! Good post!
Erin :)!
Hey Erin,
It wasn't easy but we got it back to order.
Yes plugins can cause a lot of problems.
5 is sweet. If you have need for any other plugin, investigate thoroughly
Thanks, I am very glad you restored the blog, I know, from experience that plugins can destroy your website, not only backdoor, but also bad coded plugins, I always test them first on my test website, and I have deleted quite some test websites because of malicious plugins and scripts Using malicious scripts can wreck your website, open a test site
Oh yeah that's a good working method. Test before use. And test for long too.
Thanks for mentioning that other post
Thanks for sharing that horrible experience with us
I only have six trusted plugins as recommended by Kyle
Marion Black wrote a post on malicious plugins which I found extremely helpful. Malicious Plugin Warning
Oh sweet. Thanks for pointing to Marion's post. And yes any additional plugin may not be toooo needed. If members think they need extended functionality added to their blogs, they should ask for some opinions if they ain't really sure.
Hope you are having a great weekend starting today
Interesting post. You don't say if the host was here or elsewhere. However, I had the exact same problem with Bluehost years ago, and this highlight the dangers of 'fiiling' your blog with free and /or back door plugins
I put a plugin on my site and the whole sot got afected and crashed, it was bluehost and i firmly believe, it was they who instigated it, simply by detective work, depsite their rebutalls.
That said, we are given sufficient information about plugins here to ideally not get caught out. But check when looking at a plugin, on the reviews, is it compatible, does it fit the CRUDS criteria (My own nickname for plugin choosing). I have written a WA community blog on my profile which explains this more
But good point well presented and sound advice
Hi Dave,
She's actually not hosting here.
Thanks for sharing your own experience. I think it's a good thing to share the link to your WA post here to help us discover your CRUDS method
See more comments
Thanks for that important piece of information. Jim
Thanks for the comment, Jim