What to Do When Your WordPress Site Gets Hacked
Is your website on WordPress hacked? It can happen to anyone. It can happen to people who are extremely careful, who don’t use vulnerable WordPress plugins, to people who have dutifully installed a firewall, it can happen to people who proudly use the latest in security plugins: websites get hacked. But what can you do if your WordPress website gets hacked? This is exactly what we’ll be talking about in this article.
However, there is a lot you can do to avoid your website getting hacked, and a lot you can do before a hack to mitigate the damage. We will also cover some of those topics. Don’t panic, and get stuck into the article. Here’s what we’d like to talk to you about:
If you can’t log in, that may mean that a malicious hacker deleted your user account or changed your password in order to prevent you from reversing the consequences of the hack. If you suspect you have been locked out of your website, try resetting your password. If you can’t reset your password, it is pretty much a telltale sign. However, even if you succeed in resetting a password, there is still a chance your website has been hacked.
Browser and Search Engine Warnings
Sometimes, a search engine such as Google or the browser developer will have tools to determine whether your website is exhibiting strange or suspicious behavior. If that is the case, your browser will display a warning when you attempt to access a website, while a search engine may display a warning to a user looking for the website specifically. In the case of Google, your website may have ended up on the URL blacklist. In either case, the warning will likely contain steps you can take in order to fix the problem.
Changes on the Website
Hackers often change the website itself, for whatever reason. If you find your website looks different, or that your theme has been changed, it is likely that the website has been hacked. Deliberate changes to the website, especially if they are very obvious, are called website defacement. Basically, somebody who doesn’t like your content intervened, or maybe they just did it for a laugh.
Changes to the website may be much subtler: perhaps nothing is gone, but your website now contains pornographic or otherwise unsavory content, or links to suspicious websites. A common practice is to inundate the navigation areas of the website with links which appear to have been added by you. Check the footer and the header and remove any suspicious content.
Sometimes a hacker will redirect users who want to access your website to a different website, most likely unrelated to anything your users wish to see, or else a website you don’t want your users being funneled off to. If that happens, this likely means that a redirect script has been added to your website, and that the problem is in your website’s code. This also likely means that you will need professional help, you don’t have strong technical skills.
If you suspect your website has been hacked, the first thing you need to do is put your website in maintenance mode. You don’t want your visitors accessing an unsafe website – it will hurt your reputation and bottom line. So, first, put your website in maintenance mode. If you can’t log in, you won’t be able to do this. Still, there is no room for panic. You need to put your website in maintenance mode as soon as you can. There are things you can do if you can’t access your admin area that can give you back control.
If you are using any kind of antimalware software, now is the time to do so. Scan your website for malware and follow any steps your software suggests.
To prevent hackers from regaining access to your website, change all your passwords and remove any users you are not familiar with.
Also, update everything. Obsolete software is a huge risk. Update your themes and plugins if you have any updates pending.
The steps described in the above section will get rid of most problems. However, a particularly pernicious hack may mean you need to reinstall your plugins and themes and/or reinstall your WordPress core installation. It is also a good idea to clean up your database.
This is why having a backup is indispensable. You have to be prepared for restoring a website from backup if worse comes to worst.
The majority of the article concerns such situations when you have already been hacked. However, there are a good number of things you can do in order to avoid getting hacked. To summarize:
keep your passwords safe
keep your website up to date
trim the dead weight
use best practices in terms of security
make regular backups
use adequate security software
But let’s break this down a little.
Firstly, there are passwords. Use best practices when creating passwords for your users, avoiding using names, dates, and dictionary words. We also strongly suggest using two-factor authentication.
Secondly, update everything. Always use the latest version of whatever software you’re using to run your website. This means themes and plugins. Additionally, make sure the plugins and themes you are using are tested with the version of WordPress you are using and that they receive regular updates.
Next, don’t keep anything installed that you don’t need. Deactivate and remove all unused themes and plugins.
Use SSL. SSL means an additional layer of security for your website. Your hosting provider will likely have a solution for you. If they don’t, consider switching hosting providers. Besides, there are many cheap SSL providers who can offer you different types of SSL Certs like RapidSSL, Comodo Wildcard SSL, ThawteSSL123, etc.. However, an insecure server is a liability, and you shouldn’t be paying for it.
Make regular backups in case you need to revert to a previous version of your website.
Finally, use security software if you can. Security plugins, firewall plugins, and various security services can mean a world of difference.
As it is so often the case, there is a lot to be gained by paying forward. The best thing you can do against hacking is not to get hacked in the first place, but the only thing to be completely sure that it won’t happen is more or less to live in a cave. The next best thing? Prepare for the worst, and don’t make it easy on the hackers with a rookie mistake.