A cautionary tale on WordPress security and SEO

WordPress security and SEO: a cautionary tale

Search engine optimization (SEO) is a great way to be very clear about what your business does. The opposite of SEO is being confusing instead of clear.  What could be more confusing than advertising someone else’s business instead of your own?

This is what neglecting your WordPress update can lead to:
This example is part of what a client’s website looked like after it was hacked. The website had nothing to do with any kind of financial service least of all “payday loans”. Everything about it had been modified crudely.

If being hacked this way wasn’t bad enough Google tacked a “This site may be compromised” warning on search results that showed the website with the “new” commercial offerings:

Since there were a number of facility websites within the hacked company website Google picked up and showed the hacked results instead of the actual company information for all ten businesses:

These WordPress hacks happen.  Unfortunately they can happen in many different ways. As a result they can be very difficult to completely correct because in some cases code has been hidden within the website files that will rewrite the unwanted text over and over until it is found and eliminated.

In this example a developer had modified a theme to give the site a unique look. He cautioned the business to NOT update WordPress because the updating process could break the look of the site.  This turned out to be very bad advice. One of the most important reasons to update both WordPress and your plugins is to improve your website’s security to make it less likely that it might be hacked.

How your website looks in Google and other search engines is an important part of your business marketing. Once people are credibly warned to not visit your website it is less likely that they will return.

WordPress is a powerful tool for getting your message out to the world. It’s up to you to properly care for it.