Malware Misdirection 

We discovered that a Malware browser plug-in from our WordPress site added our domain and all subdomains to their database by accident. We contacted them and they corrected it after a hit to our reputation.

You can always tell a cobbler by his shoes

An old saying goes that cobblers often have the worst shoes because they are always busy repairing other people’s shoes. Similarly, web development agencies are notorious for neglecting their own websites and prioritizing work for their clients. We have grandiose plans for our own websites and certainly have the talent available to create amazing online experiences; however, as soon as a client comes in with a new urgent priority, our own website’s project risks getting sidetracked.

So, we decided to take an easier route with WordPress.

The risks and advantages of WordPress®

Several years ago, we decided to move our website from Magento® to WordPress since our site is principally made up of content. We do have several service packages we sell online, so we implemented a blog-centric BigCommerce® headless process to handle that aspect.

Migrating to WordPress offered some fantastic advantages:

  • SEO friendly – it’s built for Google to crawl.
  • 3rd party apps – functionality is available for everything like social media, SEO, easy design, and spam-blocking.
  • Business people can produce great looking content with little or no help from developers.

While using WordPress would allow us to upgrade the look of our site at little cost, we knew that maintenance and security would be a constant battle. Because WordPress powers over 35% of websites and is highly customizable, hackers have a large attack surface to work with.

However, the security issues did not daunt us. We run a hosting practice and are very familiar with the steps needed to ensure security, so we applied those same principles to our own site! We felt safe about our choice…until a client sent a screenshot challenging that assumption.

Razoyo did not want to be a company that endangered anyone (much less our own clients) with a trojan horse!

Now for something really disturbing

As we began to investigate, we noticed something that was even more concerning than we initially thought. One of our subdomains runs Mautic®’s open-source marketing automation system and the Malwarebytes warning appeared on that site. So, we then removed all of our Mautic scripts from our WordPress sites.

Later, we noticed that the Malwarebytes blocker showed up on our subdomains that redirected to JIRA, Slack and other tools we frequently used.

Time to call BS and a happy ending

That’s when we called BS. It was clear that JIRA, Harvest, G-Suite and Slack were not malware-infected if navigating to those sites without one of our subdomain redirects did not produce the blocking page.

Fortunately, one of our Business Analysts quickly found a place to petition Malwarebytes about the issue. They confirmed the error on their end and removed our domain from the database. Champagne all around!

After this issue was resolved, we noticed one last detail to address: updating our WordPress site to the latest version! All in all, the experience served as a helpful reminder to the cobblers at Razoyo that paying attention to our own shoes is important, too.