I made Fresh Web Starts After being Hacked so many times last year.
So I thought I would share some suggestions on protecting your WordPress sites.

Here’s what you all need to know right now as a few simple steps to take to protect your WordPress sites:
1. Update your Theme whenever a new update shows up for it!
        Keep all of your sites updated even if you are not using them much.
    (My new hosting company, Springs Hosting, sends out an alert about updates.)

2. Update every plugin when it has an update.

3. Add a plugin that alerts you if there are a specific number of failed attempts to login to your WordPress site has occured and it locks it down after that number is reached.
    I am now using Springs Hosting. They have been very helpful during this stressful transition and I highly recommend checking them out if you are in the market for a new Hosting Company.

4. If you have any older sites in different programs either remove them, or make sure you keep them up to date. My original problem started with an old Joomla site that got hacked. I had kept meaning to get the data off of it and turn it into a WordPress site, but other things were more important  . . . and then I had to just delete the site quickly and lost all the work I had done there when I learned it was the main cause of my other sites getting hacked.

I am not a techy person, nor an expert, and these are just a few ways to help protect your WordPress sites.

Do more research, make sure your hosting company actually cares about helping keep your web sites protected.

The original problem came from a very old, unused Joomla site that I had not updated in years. I also didn’t check the email connected to it very often. More than a few months had passed when Joomla sent out an email warning people of many older sites being compromised.
That was way too late for me. So much damage had been done.

I hired techy people to help get one of my most profiable sites back up cleanly.
That lasted about two weeks, then it got hacked Again, even with a safeguard on it.
All the safeguard really did was tell me there was a change on the site – didn’t prevent the change, just asked it I had made the change . . .

The hosting company had only one very expensive solution for me.

I changed passwords so many times it was difficult to keep track of them, but I did’nt
 
The only solution my hosting company at that time had for me was to spend $50 per site per year with another company to guarantee no future hacking and clean up the sites.
I had about 10 functioning sites.
Some had just begun to bring in a bit of income, others, like this one, that were not bringing in any income yet. So that was not a financially feasible or practical solution.

Its been a lot of work, and I still don’t have all my sites back up to functioning as they should, but getting closer.

Don’t let this happen to you. Protect your sites!