After-Incident Checklist (Security + Validation) Print

After-Incident Checklist (Security + Validation)

1. Verify service functionality:

   1. Website loads and admin login works.

   2. ERP login works (if applicable).

2. Rotate credentials (recommended after major incidents):

   1. Client area password

   2. Hosting control panel password

   3. WordPress admin passwords

   4. FTP/DB user passwords

3. Update software:

   1. WordPress core/plugins/themes

   2. Remove unused plugins/themes

4. Scan for malware indicators:

   1. Unexpected admin users

   2. Unknown files in uploads

   3. Suspicious redirects

5. Purge cache/CDN

   1. Purge LiteSpeed cache and any CDN cache if used.

6. Monitor for 24–48 hours:

   1. Errors, performance issues, failed emails, or abnormal traffic patterns