Aus gegebenem Anlass gebe ich hier die Tipps 1:1 weiter, die ich heute per Newsletter von Wordfence (WordPress – Security) erhalten habe:
Habe ich alles gemacht. Hat leider aber nicht geholfen :-/
Dennoch, die Tipps sind gut nachzuvollziehen und könnten bei anderen Konstellationen natürlich etwas bringen.
- Visit your site often. It seems obvious, but as the site owner you are much more likely than someone else to spot something that doesn’t look right.
- Search for your website regularly. Some hacked sites look perfectly normal to a regular user while serving up spam and other malicious content to search engines. By searching for your site you should be able to catch SEO spam even if an attacker is trying to hide it from you. Also, click the links in your search results to make sure the search engine link directs where it should, and not a bad online neighborhood.
- Set up email alerts in Google Search Console. Google is constantly crawling your site and will alert you if problems are detected, including the presence of malware.
- Use a security scanner and set up email alerts. The Wordfence scanner checks WordPress core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections. It also compares the files on your site with those in the WordPress.org repository, checking their integrity and reporting any changes to you. The Premium version can be scheduled to scan more often and at optimum times, leverages real-time malware signature updates and performs blacklist checks.
- Your site visitors are often the first to identify an issue with your website. Make sure that it is easy for them to contact you and that you investigate their reports immediately.
- Watch for unexplained spikes in traffic. If an attacker is using your site to host malicious content, they are likely going to drive traffic to it. An unexplained increase in site traffic may indicate a hacked site.