http://blog.sucuri.net/ has an interesting post about “The Impacts of a Hacked Website”
This is a good line:
“We are learning the hard way, what large organizations already learned – being online is a responsibility and will eventually cost you something.”
I now know that it was the Yoast Google Analytics plug-in that caused this website to get hacked http://oversitesentry.com/after-action-report-on-my-hacked-wordpress-fixvirus-com/ I had installed the Yoast plug-in and then a little black box was suddenly on my site.
After installing Yoast I did not realize it had a weakness:
http://seclists.org/fulldisclosure/2015/Mar/136 Apparently there was a security vulnerability
{ A security vulnerability in the plug-in allows an unauthenticated attacker to store arbitrary HTML, including JavaScript, in the WordPress administrator’s Dashboard on the target system. }
That is just the beginning in this analysis:
A hacked site can cause problems for you
1. To me the biggest problem is that Google will blacklist your site, you will not get any traffic.
I ran into that myself and was able to solve this very quickly, Google does fix the listing when you clean the malware
2. It can happen even to sites that have “nothing important” on them.
3. Brand reputation is a tough nut to get back.
4. Hacks cost more than money(may also cost some money). The mental cost of having to fix or just the fact it was hacked.
For me the only problem was I had to move hosting companies that was going to be a lot of work which I was putting off.
If you have not gotten the message yet I am honest to a fault. I will tell you everything I know and then some stuff you might not want to hear.
In security that is the most important aspect.
In wordpress I have learned to use Sucuri wordpress plus a backup plugin. Now that I am on a hosting company with Cpanel, I can control the site very well. With the Sucuri plugin any time a change occurs on the site an email is sent to my email. So that is like a change control.