I’ve been hip deep in dealing with hack compliance lately – it’s not my main job – my *main* job is writing books (the new one comes out June 4th!) but i’ts been what’s made up most of my time lately.
So, I thought to make it slightly easier to stop needing to hire me (counter intutive much? not really ), that I’d give y’all coming over seeing as I was recommended from someone’s site (thanks Craig!), a couple of ways to ensure that you’re only grabbing someone like me when you’ve really worked through everything you can.
One of the major issues I’m seeing right now is customised themes that were installed a year plus ago and need updated. It’s not a criticism, because people ten dto forget if somehting isn’t right in front of them (myself included) but it’s a good idea that every major wordpress update you have, that you at least search for your theme and see if it needs an update.
If you’re not sure of what to do, contact me.
Also, from the later versions of WordPress, plugins and core will update from internal one clicks. That means if you’re using the auto update plugin you should remove it now. It’s a possible hole.
Check your subdomains
Many people run subdomains and don’t look at them often – installing and running ‘webmaster tools’ on all of the sites will allow you to monitor problems and be warned, real time if there’s an issue with anything. And a visual check weekly should give you a chance to make sure everything looks perfect.
If all else fails…check dates
If something LOOKS fishy,log in via FTP – if there’s anything odd in there, look for the same dates in other stuff and focus on those files, though by that point you need to chat with an expert.
I’m always available to talk if you’re stuck, just contact me.