First and foremost, no matter which platform you’re using, WordPress, Drupal, Joomla, etc — any site can be hacked!
In our earlier posts, we discussed the signs that a WordPress site is hacked. Now we will tackle how to fix a website that has been compromised.
As we all know, WordPress is the most popular platform. Because of the sheer number of WordPress websites online, it’s the most hacked CMS on the web. That’s one of many reasons why it’s so important to learn to keep your site secure.
But even if you have basic security implemented on your website, people with malicious intent can still find access points through numerous tricks and loopholes in your website’s code.
When your WordPress site is hacked, you can lose your search engine rankings, expose your readers to viruses, have your reputation tarnished by redirects to porn or other bad-neighborhood websites, and, worst of all, lose your entire site data.
If your website is a business, then security should be one of your top priorities.
The steps you need to take will depend on the way in which your site has been hacked, and you may not need to work through all of these. The steps we’ll go through are:
- Stay Calm, Don’t Panic
How do you clean a hacked WordPress site? Well, the first step is to take a deep breath. Having WordPress hacked isn’t the end of the world and all is not lost. Being stressed or angry will do you no good and it takes your concentration away from recovering your website.
- Put Your Site in Maintenance Mode
You don’t want visitors finding your site in its compromised state and you also don’t want them seeing what your site will look like while you’re fixing it.
So put it into maintenance mode, if you can.
A plugin like Coming Soon Page & Maintenance Mode will let you put your site into maintenance mode, making it look as if it’s undergoing scheduled maintenance rather than being fixed after a hack.
- Locate The Hack
Go through this quick list of questions. Ask yourself:
- Are you able to log in to your WordPress Admin Panel (yourwebsite.com/wp-admin)?
- Is your website redirecting you to some other website?
- Does your WordPress website contain any illegal links?
- Has Google already marked your website as insecure?
- Contact Your Hosting Company
Your hosting company should be very helpful in these kinds of situations. The ones with experienced staff have faced these kinds of problems before, so they should be well-equipped to help. That’s why, before doing anything yourself, you should get in touch with your hosting provider and follow their advice.
- Reset Passwords
Since you don’t know which password was used to gain access to your site, it’s important to change all of them to prevent the hacker from using them again. This isn’t confined to your WordPress password: reset your SFTP password, your database password, and your password with your hosting provider too.
- Restore from Backup
If you have backups for your WordPress site, then it may be best to restore from an earlier point when the site wasn’t hacked. If you can do this, then you’re golden.
However, if you have a blog with daily content, then you risk losing blog posts, new comments, etc. In those cases, weigh the pros and cons.
In the worst case, if you don’t have a backup, or your website has been hacked for a long time and you don’t want to lose the content, you can manually remove the hack.
- Scanning & Removal of Malware
Look at your WordPress site and delete any inactive WordPress themes and plugins. More often than not, this is where hackers hide their backdoor.
A backdoor is a method of bypassing normal authentication and gaining the ability to remotely access the server while remaining undetected. The first task for a smart hacker is to establish a backdoor so that he can regain access after you locate and remove the first point of entry (usually a vulnerability in an outdated plugin or theme).
Once you have done that, go ahead and scan your website for the hacks.
One of the best ways to keep hackers from accessing your website through outdated plugin or theme files is simply to keep everything up-to-date!
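To make the scanning step concrete, here is an added example (not part of the original post) of a small heuristic scanner that walks `wp-content` and flags PHP files for manual review. The signature set, the function names and the sample tree are assumptions constructed for illustration; a match means "look at this file", not proof of a backdoor.

```python
import re
import tempfile
from pathlib import Path

PHP_EXT = {".php", ".phtml", ".php5", ".php7"}
# Heuristic signatures (an assumed, non-exhaustive rule set): they flag files
# for manual review, they do not prove that a file is malicious.
SUSPICIOUS = {
    "eval-of-decoded-data": re.compile(
        rb"\beval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "exec-of-request-input": re.compile(
        rb"\b(?:eval|assert|system|passthru|shell_exec)\s*\(\s*\$_(?:GET|POST|REQUEST|COOKIE)\b", re.I),
}


def scan(wp_root):
    """Return (relative_path, reason) pairs for PHP files under wp-content."""
    root, findings = Path(wp_root), []
    for path in sorted((root / "wp-content").rglob("*")):
        if not path.is_file() or path.suffix.lower() not in PHP_EXT:
            continue
        rel = path.relative_to(root).as_posix()
        # The media library should not contain executable PHP at all.
        if rel.startswith("wp-content/uploads/"):
            findings.append((rel, "php-in-uploads"))
        data = path.read_bytes()
        findings += [(rel, why) for why, rx in SUSPICIOUS.items() if rx.search(data)]
    return findings


def build_sample_site(root):
    """Write a small constructed wp-content tree (inert sample files)."""
    files = {
        "wp-content/plugins/contact-form/form.php": b"<?php echo esc_html($title);",
        "wp-content/themes/old-theme/footer.php":
            b'<?php eval(base64_decode("Y29uc3RydWN0ZWQ=")); ?>',
        "wp-content/uploads/2024/01/logo.php": b"<?php // constructed sample",
        "wp-content/uploads/2024/01/logo.png": b"\x89PNG constructed",
    }
    for rel, body in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_site(tmp)
        print(*scan(tmp), sep="\n")
```

Run it against a copy of the site or a backup, and compare anything it flags with a fresh download of the same plugin or theme version before deleting it.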
- Check User Permissions
You must check the user permissions of all your WordPress users. Double check that only you and your team members have access to admin accounts and that the permissions of other users haven’t been tampered with.
- Change Passwords and Secret Keys
Be sure to change all the passwords related to your WordPress site. That includes the password to access your WP dashboard, cPanel, MySQL database, FTP and any others that could help someone access your website.
If a password generator is available, be sure to use it to ensure your password is strong, unique and not easy for a hacker to guess.
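The secret keys are the eight authentication keys and salts defined in `wp-config.php`; replacing them invalidates every existing login cookie, so sessions opened before the password change stop working. The following is an added example, not code from the original post: `rotate_keys`, `new_secret` and the sample configuration are names and data constructed here for illustration.

```python
import re
import secrets

KEY_NAMES = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
             "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT")
# Characters that are safe inside a single-quoted PHP string
# (no single quote, no backslash, no whitespace).
ALPHABET = ("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
            "!@#$%^&*()-_[]{}<>~+=,.;:/?|")
# Matches define( 'NAME', 'value' ); with either quote style.
DEFINE_RE = re.compile(
    r"""define\(\s*(['"])(?P<name>[A-Z_]+)\1\s*,\s*(['"]).*?\3\s*\)\s*;""")


def new_secret(length=64):
    """Generate one random value from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def rotate_keys(config_text):
    """Return (new_text, rotated_names); only the eight key/salt defines change."""
    rotated = []

    def swap(match):
        name = match.group("name")
        if name not in KEY_NAMES:
            return match.group(0)  # e.g. DB_NAME is left untouched
        rotated.append(name)
        return f"define( '{name}', '{new_secret()}' );"

    return DEFINE_RE.sub(swap, config_text), rotated


# Constructed wp-config.php fragment used to exercise rotate_keys().
SAMPLE_CONFIG = "<?php\ndefine( 'DB_NAME', 'constructed_db' );\n" + "".join(
    f"define( '{name}', 'OLD VALUE {i}' );\n" for i, name in enumerate(KEY_NAMES))

if __name__ == "__main__":
    text, rotated = rotate_keys(SAMPLE_CONFIG)
    print(text)
    print("rotated:", ", ".join(rotated))
```

Keep a copy of the original `wp-config.php` before writing the new text back, and expect every user, including you, to be logged out afterwards.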
After taking these steps, the hack has been cleaned and your WordPress website is secure. But that doesn’t mean attackers won’t try again. WordPress security has to be a continuous effort because those with malicious intent will never stop trying to gain access to your site.