Who knew protecting little hobby WordPress websites from hacking would be such a pain in the butt? I just got an e-mail from my hosting provider which claims they found and removed malware from my movie marathon site. This is despite the fact that I have Wordfence installed!
I don’t really want to pay hundreds of dollars a year to maintain my low-traffic volume sites like this one. As a first step I’ll have to run Sucuri SiteCheck as a supplement to Wordfence. It provides a remote scan looking for vulnerabilities and checks if site has been blacklisted.