Every morning, I get an email from several of my websites with nothing but raw HTML code in them. Reason? So that I can check for any anomalies. With the popularity of WordPress, it is inevitable people will begin to attack it and sure enough they did. Earlier this year it was more apparent – blogs running versions 2.3 and below were the main targets. You still hear about attacks regularly if you follow the security thread on WordPress.
So this is why I have I check the code every day. Why email? Why not just view them on the browser? Because some hackers are very smart and sneaky. You will never know your site has been exploited because it is done so that you won’t see it on a regular browser, but a search engine robot will and therefore suck you of traffic or pagerank juice.
It only takes me a few minutes to scan the code – although sometimes it is a huge pain that’s why I’ll probably offload this to a tech assistant soon 😉 but worth it? Oh yes.
