All sites, whether they’re WordPress or not, can be hacked. Hackers will do their best to get in any way they can, and the damage they do is heartbreaking. You risk losing the search engine optimization you’ve worked months (or years) to develop, your readers could get viruses, or your content could redirect to unpleasant sites.
Strong passwords, a good webhosting company and a good backup solution are critical in preventing a hack in the first place, but what do you do if it happens anyway?
First thing is, don’t panic. That’s a lot easier said than done but do your best to keep calm so you can think clearly. The sooner you get onto it, the quicker your site will be back in business. The quickest way is to have a professional do the work for you but if that’s not possible, you’ll have to get your hands dirty and do it yourself.
First: What’s the Problem?
- Can you log in to your admin panel?
- What do you see when you view your site? Does it redirect anywhere?
- Do you have links on your site that you don’t recognize?
- Has Google indicated that your blog is insecure?
If you can get into your admin panel, CHANGE YOUR PASSWORD.
Second: Contact your Webhost
You’re not going to be the first person who called them while wringing their hands in distress. They deal with this every day and they know their hosting and how it’s set up. Get their instructions first. Who knows, it’s possible you aren’t the first one that day who’s been targeted. Your webhost might be able to give you a lot of information you couldn’t get any other way.
It’s possible you’ll get a kind-hearted support person who’ll fix the hack for you. It does happen.
Third: Get Your Backup
If you have a good backup system, get a copy of your site that you saved before you were hacked. If you back up often, you won’t miss a thing and the problem will be fixed. If not, you could lose the most recent post or two.
Not having a backup isn’t the end of the world but you’ll have to remove the hack manually.
Fourth: Scan and Remove
If you have inactive plugins or themes on your server, get rid of them because hackers can use these as a backdoor into your site. A backdoor is any way to get to your blog that bypasses the password authentication process.
Now you need to scan your website to identify the hack. Sucuri is a malware scanner and has post-hack security actions. Theme Authenticity Checker can scan the themes on your blog to identify malicious or unwanted code.
Once you know what the problems are, you have two choices. You can manually remove the code (not easy for a beginner) or replace the affected file with the original file, which will overwrite the hack.
Check to make sure your plugin and theme folders match the original ones. Wash, rinse and repeat until you have no more hacks and your site is working again.
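One way to do the folder check described above, as an added example that is not part of the original article: a Python script that hashes every file in the folder on your server and in a freshly downloaded original copy of the same theme or plugin, then lists the files that were changed, added or are missing. The function names and the sample files in `demo()` are made up for illustration.

```python
import hashlib
import sys
import tempfile
from pathlib import Path


def hash_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            rel = path.relative_to(root).as_posix()
            digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare_trees(live_dir, clean_dir):
    """Compare the folder on the server with a freshly downloaded original."""
    live, clean = hash_tree(live_dir), hash_tree(clean_dir)
    return {
        # Same path, different content: replace with the original file.
        "modified": sorted(p for p in live if p in clean and live[p] != clean[p]),
        # On the server but not in the original: review, then delete.
        "added": sorted(p for p in live if p not in clean),
        # In the original but gone from the server: restore.
        "missing": sorted(p for p in clean if p not in live),
    }


def demo():
    """Run the comparison on two small constructed folders (sample data)."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        for d in (clean, live):
            (d / "inc").mkdir(parents=True)
            (d / "functions.php").write_text("<?php // theme setup\n")
            (d / "inc" / "helpers.php").write_text("<?php // helpers\n")
        # Constructed differences between the two copies:
        (live / "functions.php").write_text("<?php // theme setup\n// extra line\n")
        (live / "inc" / "cache.php").write_text("<?php // not in the original\n")
        (live / "inc" / "helpers.php").unlink()
        return compare_trees(live, clean)


if __name__ == "__main__":
    # Usage: python compare_trees.py <live-folder> <clean-folder>; no args runs demo()
    report = compare_trees(*sys.argv[1:3]) if len(sys.argv) == 3 else demo()
    print("\n".join(f"{kind}: {p}" for kind, ps in report.items() for p in ps))
```

The clean copy has to be the same version as the one installed, otherwise ordinary update changes will show up as "modified".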
Fifth: Check Your Blog’s Users
If you see a user name you’re not familiar with, delete it!
Sixth: Change Your Passwords
I know you did it once but do it again. Not only your admin panel password but your cPanel, your FTP and your MySQL password too. Any passwords you have on your blog, change them again. Make any other user on your blog change their passwords too.
Finally, you’ve installed Sucuri, and that’s a good thing to keep using to prevent this from happening again. Make sure that you keep your theme, WordPress and all plugins up to date. We see too many bloggers who don’t realize how important it is to keep their software updated. If a developer has found a glitch in his/her software, the update will close off that opportunity for a hacker.