Technical audit and lead recovery for a legacy WordPress site
Audited a neglected WordPress site after the previous agency went dark, closed critical security exposures, and recovered 1,327 leads the client did not know existed.
Challenge
An industrial measurement company was left with a legacy WordPress site after their previous agency went dark. No one knew what state it was in. The hosting account was failing, the site carried unknown security exposure, and years of customer inquiries were potentially trapped inside it.
Approach
Ran a full technical audit. Found and remediated a publicly exposed .git folder, cleared a hosting account sitting 144 GB over quota from 632 stale email accounts and a 4.5 GB error log growing since 2021, then extracted seven years of inquiry data from a misconfigured WooCommerce install.
Result
- 1,327 lost leads recovered and delivered to the client
- 144 GB over-quota storage cleared from stale accounts and logs
- 7 yrs of inquiry data pulled from a broken WooCommerce install
Details
The security findings came first. An exposed .git folder hands an attacker the full source and history, so that was documented and closed immediately, along with the runaway error log and the storage that was about to take the account offline.
The recovered inquiries were the part the client never saw coming. Seven years of WooCommerce records, 1,327 real leads, sitting in a misconfigured install and handed back as usable data they did not know they had.