As I work with a lot of clients whose sites have gotten hacked or infected, I get to see a lot of e-mails from the support staff at various major hosting companies. Our first introduction typically starts with the client forwarding me a notice from the hosting company, which contains some sort of outline of the problem and the steps to take to resolve it. Every client usually has the same question for me with this e-mail, and it’s some variation of

“What does this even mean?”

Let’s take a moment to mentally picture a support person at a hosting company. They clock in, sit at their desk for 8 hours, and send out a bunch of e-mails in tech-speak. What they should be doing is sending out e-mails in the language of their users (you!), but they are not. They are sending them out in the language of the server. This is why these e-mails have things like…

Mail Log Parsed from Oct 6, 2014 15:58:21 to Oct 8, 2014 15:58:21. User sent approximately 700 messages to 700 unique recipients.

We have disabled the page(s) in question (via adjusting permissions on the files, e.g. chmod, or backing up the file first renaming it to “filename.INFECTED” and cleaning up the injected code) until you are able to address this matter.

Check your website(s) files for any signs of tampering (file timestamps show recent editing) or files you did not upload yourself and remove them. Looking at the reported files above should give you a good starting point.

What does this even mean?

Yeah, I know — most people can’t understand what any of those things are either!

This is where a developer comes in.

Let’s stop thinking about hosting companies as the end-all in services that you need. Instead, let’s see them as the garage in which you park your car. You wouldn’t ask the car park to address issues with the car, would you? Even if the garage told you the car was leaking or making a funny noise? No, you would take it to a mechanic. And your developer is like the mechanic — someone able to read the necessary input, discover the issue, and address the situation with a solution.

But how can you get the most out of your developer/mechanic? Here’s how:

  • Forward the exact e-mails you receive from the hosting company. Don’t try to paraphrase or give your developer the gist of it, because we need all the details.
  • If you notice a problem, tell us how you made it happen. A screenshot or a description isn’t enough — we need to go make it happen ourselves to see what is going on.
  • Provide us with more information than you think we need. Too much is always better than not enough!
  • Don’t ever think you have "a dumb question". We’ll know if your silly question is a sign of a major problem or just something we can ease your fears about, so PLEASE ask it!
  • Don’t ask your hosting company for help. The hosting company is there to protect their server and keep it running — not your site. So they will fee free to delete anything that looks bad without regard to the health of your site or the protection of your data. Your developer is there to look out for you!
  • Don’t wait too long. Small problems can turn out to be major messes when you ignore the warning signs or don’t act on the notifications. Swift action will help preserve your site and limit the damage to your business.
  • Don’t be afraid to leave. Some hosts are light years better than others. If your hosting seems to have frequent problems or your developer is concerns about their security protocols, don’t be afraid to move to another host. It’s often less painful than you think, and your developer can help!

Want to prevent this situation before it happens?

Grab your own
WordPress Security Lockdown & Audit

Learn More

Questions about security, hacking and hosting? Ask away in the comments below!

Pin It on Pinterest