Fixing security issues

  • My site was repeatedly attacked by malware that defaced pages, emailed followers, and got the site taken down from the host. I had to hire a malware clean to get it fixed and they gave me this list of potential vulnerabilities:

    Outdated Themes:
    kerli-lite 1.1.6
    minamaze 1.3.4
    morningtime-lite 1.0.5
    philips 1.0.2
    smallblog 1.5.6
    square 1.1.5
    tecblogger 1.0.2
    twentyfifteen 1.9
    twentyfourteen 1.5
    twentyseventeen 2.4
    twentysixteen 2.0
    twentythirteen 1.6

    How do I address these issues? I went into WordPress and I changed the settings so that plugins will update automatically. I thought everything would update. How do I resolve outdated software?

    If I can resolve these things, will the site be secure? Or are there too many security issues with WordPress? Do I need to use a different platform to update my site instead?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Remove any themes you’re not using, plus keep one twenty* theme as an emergency fall-back.

    Thread Starter daps77

    (@daps77)

    Thank you! Sorry if this is a very basic question, but how do I know if I’m not using them? Where do I even find them? I really just update the text of my website and I don’t interact with the design elements at all. I’ve done it that way for over ten years and never had an issue until this malware attack.

    Moderator James Huff

    (@macmanx)

    In the Themes section of your Dashboard, you’ll see only one theme marked as Active.

    The rest can be deleted.

    Also, carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures?and start backing up your site.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Fixing security issues’ is closed to new replies.