What to do if Your WordPress Website is Hacked (Step-By-Step Guide For 2018)

February 3, 2018

WordPress Site Hacked How To

Having Your WordPress Site Hacked And Dealing With the Aftereffects Can Be a Very Painful & Expensive Experience!

But don’t worry, here’s some great advice that will help you get your website up and running in no time.

The thought of having your WordPress site hacked is disturbing. However, it is a very real risk that many people have had to face. Any site running on any platform runs a risk of someone gaining unauthorized access. Because the source code for WordPress is available for everyone, and the fact that it is the most popular content management system used, WordPress sites are even more vulnerable to a hacking attempt, even if you do utilize recommended security protocols

The question then becomes “what should you do if your WordPress site is hacked into?” Before I answer that question let us look at the factors that make your site vulnerable to hacking attempts.

Weak Passwords

Weak passwords make it extremely easy for hackers to gain access to your site. It’s basically asking to get your WordPress site hacked. When creating your password make it as complicated as possible. Mix uppercase and lowercase letters, numbers, characters, and symbols.

Outdated WordPress Plugins, and Themes

The various plugins that you use to increase the functionality of your site come with security flaws. The updated versions of these programs have added features to seal these loopholes as soon as they are discovered by the developers. Running outdated programs on your site exposes you to these vulnerabilities

Shared Hosting

Shared hosting leaves your site exposed to malicious hackers. If someone hacks into a site on the shared host then they can gain access to other sites on that server.

Plugins and Themes from Shady Sources

Before you install a plugin to your site find out who the developers are. Always use themes and plugins from reputable sources and check their reviews. If possible, avoid free plugins and choose those plugins with a high number of downloads. These plugins are more likely to be updated regularly.

The above recommendations are useful only if your site has not been hacked into. If, unfortunately, a hacker gets into your site then the following steps will help you regain control and access to your site.

Remain Calm

This may sound unreasonable, after all, how can you stay calm when all the hard work you have put into your site seems to be going down the drain? However, panicking will only cloud your mind and affect your ability to make a prudent game plan on how to regain control of your site. So please, take a deep breath.

Scan Your Computer

Sometimes hackers gain access to your website through your computer. Therefore, install an antivirus software and scan your computer. If you already have an antivirus update then run the scan. Also, update your operating system and programs to ensure they are safe. If the hack originated from your computer then these measures reduce the possibilities of another hack.

Assess the Damage

After ensuring that your computer is completely clean and free of malware then find out as much as you can about the hack. The following list will help you find out a lot about the hack:

1 Can you login to your WordPress admin panel?
2 Does your website redirect you to another website?
3 Is your website listed as insecure by Google?
4 Are there any foreign links on your WordPress site?

The answers to these questions will help as you develop a game plan on how to move forward.

Hire a Professional

If you are the unfortunate victim of some malicious hackers halfway around the world then regaining access to your site is the most important thing. Some of us do not know the technical details when it comes to servers, codes, and whatnot. Others are simply not confident enough to clean up the compromised site. Hiring a professional will give you the peace of mind to know that someone qualified is working on your site. Most of these professionals have experience with these kinds of situations and are in a position to get you back in your site within a short period of time. Such a person will also clean up your site and remove any compromised files that the hackers may have added. Hiring a professional also saves you a lot of time and a lot of stress.

Talk to Your Hosting Site

Contact your hosting company before you begin any recovery activities. First, they have staff who are experienced with these kinds of situations. The support staff is familiar with the hosting infrastructure hence they are better placed to advice you on the way forward. They will help you identify the origin of the hack and whether it came from the server. The staff can provide you with information including the location of the backdoor. A good host company will also help you clean and regain access by restoring your site if they have secure backups.

Restore From Backups

This is the step where backups come in handy. If you have been creating backups for your site then you are lucky especially if your backups were regular. This will allow you to restore your site to a previous version from before the hack. You should know that any changes, images, videos and content published between the backup and the hack will be lost. However, I bet this is better than no site at all. Once you restore your site, uninstall any plugins that you do not trust and install more security plugins. Update your plugins, themes and WordPress core to the latest versions. After you have restored and updated your site, conduct a scan to detect any malware. This ensures that if there are any compromised files they are identified and proper action is taken.
If you do not have any backups or it will inconvenience you a great deal to lose content then you can manually identify the hack and remove infected files.

How to Recover a Hacked WordPress Site if you Still Have Access to the Back-end

If (after being hacked) you can still access your WordPress dashboard, use the following steps:

Change Your Passwords

The first thing you should do is change your login credentials. If there are other people with admin rights change their passwords too or tell them to change their passwords. While this will not flush out the hackers, it will prevent anyone who has acquired the login information illegally from gaining access to your site.

Scan the Site For Malware

Hackers usually gain access to your site through outdated plugins and themes. Once they are in they create a private backdoor through which they can access your site if you discover and remove the original point of entry. The backdoor is often hidden in the inactive themes, plugins, and directories. For this reason, once you regain access to your site uninstall any outdated plugins and themes. After this is done install and scan your site with an up-to-date security plugin or service, such as Sucuri. This will identify any foreign and suspicious files.

Remove Infected Files

Any files that will be identified by the security plugin should be deleted immediately. If you need any of them you can restore an up-to-date version after you have completed deleting all the infected files. This measure will ensure that you have removed all the backdoors the hackers had created therefore ensuring they no longer have a means of getting into your site and wrecking havoc.

Check User Permissions

Administrator rights are reserved for you and people that you trust enough. These are the only people who are allowed to make any changes on the site. Therefore after a hack, you should ensure that only you and members of your team have admin rights. Any suspicious users with admin rights should be deleted from the site immediately.

Change Your Security Keys

Security keys are generated by WordPress to encrypt passwords. If someone happened to get your passwords they could access your site if they are still logged on. You should change your security keys and replace them in the wp-config.php file.

Change Your Passwords

This may seem a tad too much but it is the price of security. Once you are done cleaning up your site change your passwords. While you are at it also change the following:

-Admin email address
-Hosting admin backend credentials
-SQL database password
-FTP login

Again the need to create strong passwords cannot be stressed enough. Make them as long and complex as possible. Mix uppercase letters with lowercase letters, symbols, and numbers.

After you have completed these steps then you can at least rest easy knowing that your site is secure for now. However, you have to know that keeping your site secure is a continuous effort. Change your password on a regular basis, always update your themes, plugins and WordPress core, scan your site for malware regularly and create regular backups.

How to Recover Your Hacked WordPress Site With No Back-end Access

Sometimes the hacker will try to lock you out of your site by hijacking the administrator account and changing the password or deactivating it. This means that you can no longer access the WordPress dashboard. If this happens do not worry as you there are still ways in which you can regain control of your site.

Change Your Password

There are two ways you can change your password. First, simply update your email address then request for a password change. Once this is done go back to the login screen and request a new password using the password recovery function. Alternatively, you can use phpMyAdmin which is usually provided by your hosting company to login directly to your site. Then change the passwords in the users table.

Assess The Damage

Now that you have gained access to your site the first thing you should do is examine how much the hacker has damaged your site. Check for the following:
-Which files were affected?
-Was any sensitive data compromised?
-Has the hacker accessed your database?
-If you have multiple sites, how many sites did the hacker infiltrate?

For some of the above concerns, you can use external sources such as Google Webmaster Tools. It is also important that you check your server logs. This will provide you with information such as when and how your site was hacked.

Scan Your Site

You need to scan your site to identify any infected files. Once this step is complete replace these files with uninfected backup files. After replacing infected files, scan the site for malware again. In case your site was compromised at the time you created the backup files the infected files should be identified and deleted. When scanning for malware you should use several security plugins and if possible couple them with external scanners. This way you are sure that if one scan misses something then another will pick it up. Now you can relax in the knowledge that your site is completely free of malware.

Update Your Site

Once you are sure your site is clean then it is time to update your site. Everything including applications, plugins, themes, and extensions should be updated. Also only use those plugins that you need. any others should be uninstalled since they only add loopholes that hackers can use to get into your site.

Remove Your Site From Blacklists

The consequences of having your site hacked into extends to more than just losing content and a ton of stress. You have to deal with being blacklisted by search engines. Once you are blacklisted by Google and the other search engines they will stop showing your site in their search indices. Your site will also have warnings informing visitors that your site is infected with malware. All these actions are detrimental to your good name. You can request for a site review after cleaning your site. The warnings will be removed once the search engines are sure your site is free of malware and any security threats.

Rebuild

Getting your WordPress site hacked can be severely devastating and demoralizing. In the event that your site is hacked follow the above steps to regain access to your site and clean it up. Though you will definitely suffer some setbacks such as lost content, visitors and rankings do not give up. Do not let a malicious hacker all the way around the world keep you from providing awesome content to the world. Take it as another challenge that life has thrown your way and work your way up. Prove to the hackers that nothing will stop you from making the most from the internet and your website. Take this as a learning moment and rebuild from the ‘ashes’.

[katb_input_testimonials group=”All” form=”1″]

Related

What to do if Your WordPress Website is Hacked (Step-By-Step Guide For 2018) was last modified: by
  • chandu says:

    Thank you for such a great and informative post.
    paytmmall coupons

  • >