Then I got HACKED, BAD.
There were injections into the SQL database, PHP, Htaccess and the list keeps going. The Malware was the 301 redirect which is very very dangerous to a website.
The 301 Redirect Malware tells Google via your htaccess file to redirect your website to a different URL. Google can blacklist or ban your site from Google for this activity, if the 301 redirect stays active.
Not only was my site infected, but every folder and website on that server was infected.
Being a developer, I knew how to track this down and deleted all the files and infected areas. Nope, that did not completely get out the Malware, and it continued to spread.
Luckily I had Cloudflare and CodeGuard. Cloudflare is a community of geniuses who pointed me in the right direction on how to solve my malware issues, and CodeGuard backs up my site every day. Keep in mind, these two services are FREE to start. Get them now!
THE HEROS: Sucuri.net
Sucuri has a team of experts who monitor your website for a small yearly fee. But when I look at the fee based upon my time that is saved in redeveloping the site, there is no argument. Everyone should get their website secured by Sucuri.net
After a couple hours, the Malware was completely gone from all the sites on my server and by the next day, Google had deleted the 301 Redirects from Google search. Sucuri Saved my site and 5 other websites. They are still monitoring all my sites now, everyday.
So, the million dollar question is, what happened with all these plugins that promised a secure WordPress???
Those plugins ONLY protect that one site. There are dozens of other ways to get access to your website, and no plugin can save your site. Every site needs active daily protection.
Also, the first indication of the issue was because of CodeGuard.com. They back up and send me summaries everyday of the files that changed. As I noticed these changes each day, I knew something was wrong. Also, I was able to revert back to my old files before the attack thanks to CodeGuard.com.
Summary to make your WordPress Secure
1. Sign up for CloudFlare.com
2. Through Cloudflare, sign up for CodeGuard.com (Also there are tons of other great security options from Cloudflare, so look into those too and let me know)
3. Get Sucuri.net. They will save your site and your time if a hack occurs.
5. Keep your site and all plugins up to date.
We have now built a WordPress Hosting solution for our clients to use. This new server is FAST and has all the WordPress Security built in!