WordPress Site Compromised: Now What
Experiencing a WordPress site hack can really be stressful. It will also affect your readership and business. In this article, you will find some guides to help you fix and recover your hacked WordPress website.
For the records, irrespective of the platform you are using, WordPress, Joomla, Drupal, etc. any website can be hacked. If your WordPress website gets hacked, your users might be exposed to viruses, you might lose your rankings on search engines, your reputation can be tarnished because of redirects to porn sites or other bad sites, and you can lose all the data on your site.
If your website is your business platform, then you should make security your top priority. That is why it is very important you have a WordPress hosting company that is very good. You should use managed WordPress hosting if you can afford it. Also, make sure you have a sound WordPress backup solution in place. Most importantly, have a very good web application firewall.
All the information above is awesome if your WordPress site has not been hacked yet. But if your site has already been hacked, here are some step by step guide to help you fix and recover your WordPress website.
Let a Professional Do it for You
The security of your site is something you should take very seriously. If you are not comfortable handling servers and codes, then it’s better you hand that aspect of your WordPress development to an enterprise app development company to take care it for you. This is because hackers usually hide their scripts in several locations enabling hacks to keep occurring. You can use the help of these professionals if you simply want peace, you are not tech-savvy, or you just don’t have the time. For those that want to do it themselves, you can follow the below steps to get your WordPress development cleaned.
Identify the Hack
When handling a site hack, you are under so much stress and pressure. Try to be calm and jot down every single thing you can concerning the hack. Here are some things that should be on your checklist:
• Is your WordPress site marked as insecure by Google?
• Are there illegitimate links on your WordPress site?
• Is your site redirecting you to other sites?
• Are you able to login to the admin panel of your WordPress site?
Make a list of all these because they will be useful as you talk with your WordPress hosting company.
Check with Your WordPress Hosting Company
Some good hosting companies are very helpful when it comes to situations like this. They have trained and experienced employees that deal with situations like this every day, and they have a better understanding of the hosting environment, this means they can give you better guidance. Begin by contacting site hosting and follow the instructions they will give you.
Sometimes it is not only your site that is affected by the hack, especially when you are using a shared hosting. Your hosting company might also be able to provide you with more information regarding the hack such as how the hack began, the location of the backdoor, etc. Sometimes your WordPress development hosting company might even clean up the hack for you.
Restore Your Site from Backup
If your WordPress site has backups you have created, then the best thing you can is to restore the site from a point at which it wasn’t hacked. If you can achieve this, then you are good to go. However, if you run a blog with daily posts and content, then you stand a chance of losing your posts, comments, content, etc. In cases like this, what you do is to weigh the pros and cons. If your WordPress site has no backup, or your WordPress site had been hacked for a while, and you want to restore your site and lose your content, then you can remove the hack manually.
Scanning and Removal of Malware
Scan through your WordPress website and uninstall every WordPress plugins and themes that are not active. Most of the time, hackers hide their backdoors in plugins and themes. Backdoor is simply referred to a means of getting the ability to remotely access a server without normal authentication while being undetected. A lot of smart hackers usually upload the backdoor first before other things. This enables them to get access again even when you have found and uninstalled the exploited plugin.
After uninstalling the inactive plugins and themes, you can go ahead and scan your WordPress site for hacks. You should consider installing Theme Authenticity Checker and Sucuri WordPress Auditing on your WordPress site. They are free plugins and are very helpful for WordPress development. When you have installed these plugins, Sucuri will scan your site and give you the integrity status of the core files in your WordPress site. In other words, the scan will show the exact place the hack is hiding.
The most common place they hide is in the directories of plugins and themes, wp-config.php, .htaccess file, WP-includes directory, and uploads directory. After that, run your Theme Authenticity Checker. If the theme checker finds any malicious or suspicious code in any of your themes, it will display a detail button close to the theme. It will as well display any malicious code it finds.
There are two options for you to fix your hack site here. You can either replace the code with the original code, or you can remove the code manually.
For instance, if the hacker modified the core files of your site, then you should download new files and re-upload, or you can download and re-upload all your WordPress core files to override all the affected files. Same thing applies to the theme files, download fresh files and use it to override the affected files. You should only do this if you did not change your WordPress theme codes else you will lose the codes.
Repeat this same process if you find any affected plugin also. You should also ensure your plugin and theme folders matches the original folder. Sometimes, additional files are added by hackers that look exactly like the name of the plugin (such as Adm1n.php, hell0.php, etc.), so they are easy to ignore. So you should make they don’t get you confused.
Kenneth Evans is a Content Marketing Strategist for Top App Development Companies, a research platform for top app development companies in the world. He has been contributing to various blogging platforms and Forums.Share This