WordPress hacked?

My WordPress Website Was Hacked. What Should I Do?

So, you’ve woken up one morning to discover that your WordPress website has been hacked. A cold, icy panic grips your body – this site is your livelihood. It’s where a lot of your business is conducted. It can’t be hacked; it’s far too important. However, there are a few things that you can do in the event of a hack, and we’re going to be looking at them here. So calm down, take a deep breath, and let’s see if we can’t find an answer together.

Identify The Attack Vector

When it comes to the malware, you need to know how it got into your site, to begin with. This will involve identifying if the weakness in your site was down to a password, or if it was a complex problem. It’s crucial that you know how hackers got in so that you can stop them from doing so again. Check if your plugins have known vulnerabilities, you can use our WordPress vulnerabilities database. You can also analyse your website access logs. For most Apache users, it is stored in /var/log/apache2/access.log.

Make Sure That You Change Your Passwords

If you have a hacked site, then it is possible that your passwords are at risk. If hackers have the passwords to your site, then it is possible that they can directly go back onto the site in the future and insert malicious software into it again. Thankfully, WordPress has always made it quite easy to change passwords, but just make sure that they are entirely different from last time and are also as secure as possible. You should change your FTP and database password too.

Restore Your System From A Backup

Restoring your system is an excellent way to counteract a hack without losing too much data. If you have a restore point for your website and/or customer database, then you can avoid data loss by uploading that in place of the corrupted version.

Destroy The Hack

Now that you’ve gotten those bits out of the way, it’s time to move onto the process that most people might be thrilled to do, and that is to remove the hack from your system completely. You can follow our removal guide: How To Clean A Hacked WordPress Site On Your Own. However, it’s advised that you never try and do it yourself in case something is missed, so trust professionals and contact us. We have extensive knowledge of hacks aimed at WordPress sites, and should easily be able to help, so they’re worth looking into.

Overall, these are the main steps that you should take if your WordPress site has been compromised. These will all help to make sure that no matter what, you can restore your site back to full working order and also purge it of any problem elements. If you remain calm and act quickly during a hack, you’ll be able to prevent it from getting out of hand or damaging your business too extensively.

Jack K.

Similar Posts

Flagged Website - Google Safe Browsing

What To Do If Your Website Is Flagged For Malware By Google

Google is very pro-active when it comes to protecting the safety of their customers. They scan millions of websites each day, looking for ...

WordPress vulnerability that allows file deletion

Latest WordPress vulnerability disclosed and it poses a danger to all versions including 4.9.6

Yesterday a security research team from RIPSTECH disclosed WordPress vulnerability that affects all latest WordPress versions including the ...

SEO spam on hacked WordPress sites

What Is SEO Spam And How Can It Hurt Your WordPress Site

Almost half of all malware attacks against websites involve SEO spam. This type of attack is performed by Black Hat SEO’s and hackers ...

Leave a Reply

Your email address will not be published. Required fields are marked *