Hacked again and what I’m doing about it

I probably start 5 new sites a year and only kill off 1 or 2. Over time it adds up to an unbelievable bulk of outdated 3rd party plugins, useless WordPress themes, and way too many instances of Hello Fucking Dolly. 

The digital landfills my servers are slowly becoming attract a vermin more irritating than my cat – automated hack bots. At least I assume they’re automated because I’d rather be the victim of an excel spreadsheet than a brilliant Russian hacker out for my blood personally.

It’s like cleaning up oil spills in an ocean that constantly grows bigger and more populated  with leaky tankers.

So I’m draining the ocean. From now on every wordpress install will sit within the warm and cozy confines of a wordpress multisite install. So instead of remembering to update 20 different installs at once, something I’ve to this day not done, one click will update everybody. One wordfence scan, one plugin install, and one Dolly witchhunt.

Yeah I know I should have done this 8 major updates ago but I’m a slow learner ok? And I’m even slower at taking action. I still haven’t bought salt and we’ve been out for almost a month.

Next the good news. For the first time in years, the spammy payday loan links haven’t returned to my main site’s header.php file. Whatever I did last time seems to have plugged the last of my security holes. I guess there’s no better time to turn that one into many.