Back
WordPress hacked?

My WordPress Website Was Hacked. What Should I Do?

So, you’ve woken up one morning to discover that your WordPress website has been hacked. A cold, icy panic grips your body – this site is your livelihood. It’s where a lot of your business is conducted. It can’t be hacked; it’s far too important. However, there are a few things that you can do in the event of a hack, and we’re going to be looking at them here. So calm down, take a deep breath, and let’s see if we can’t find an answer together.

Identify The Attack Vector

When it comes to the malware, you need to know how it got into your site, to begin with. This will involve identifying if the weakness in your site was down to a password, or if it was a complex problem. It’s crucial that you know how hackers got in so that you can stop them from doing so again. Check if your plugins have known vulnerabilities, you can use our WordPress vulnerabilities database. You can also analyse your website access logs. For most Apache users, it is stored in /var/log/apache2/access.log.

Make Sure That You Change Your Passwords

If you have a hacked site, then it is possible that your passwords are at risk. If hackers have the passwords to your site, then it is possible that they can directly go back onto the site in the future and insert malicious software into it again. Thankfully, WordPress has always made it quite easy to change passwords, but just make sure that they are entirely different from last time and are also as secure as possible. You should change your FTP and database password too.

Restore Your System From A Backup

Restoring your system is an excellent way to counteract a hack without losing too much data. If you have a restore point for your website and/or customer database, then you can avoid data loss by uploading that in place of the corrupted version.

Destroy The Hack

Now that you’ve gotten those bits out of the way, it’s time to move onto the process that most people might be thrilled to do, and that is to remove the hack from your system completely. You can follow our removal guide: How To Clean A Hacked WordPress Site On Your Own. However, it’s advised that you never try and do it yourself in case something is missed, so trust professionals and contact us. We have extensive knowledge of hacks aimed at WordPress sites, and should easily be able to help, so they’re worth looking into.

Overall, these are the main steps that you should take if your WordPress site has been compromised. These will all help to make sure that no matter what, you can restore your site back to full working order and also purge it of any problem elements. If you remain calm and act quickly during a hack, you’ll be able to prevent it from getting out of hand or damaging your business too extensively.

Jack K.

Similar Posts

WordPress site hacked after restore

My WordPress website got hacked after restore. Again! Why?

Quite often we hear about the repeated security incidents related to WordPress sites. This is not something specific to WordPress sites, ...

PCI compliance WooCommerce

What is PCI compliance and do you need it for your WooCommerce store

PCI compliance or more precisely PCI DSS (Payment Card Industry Data Security Standard) developed by the Payment Card Industry Security ...

WordPress / WooCommerce secure

Is WooCommerce Secure? Is WordPress Secure?

The WordPress and WooCommerce websites that we run and maintain can be potentially problematic when you consider that they’re not always ...

Leave a Reply

Your email address will not be published. Required fields are marked *