Previously we wrote about how to prevent your site from hacker. Now, we will continue the discussion if the hackers has successfully hacked your site. So, how to fix this problem? Don’t go anywhere and please read entire article and hope it will be very helpful for you. And don’t forget to share this article if you find advantages after reading this article.
How to Fix if my WordPress Site has been Hacked?
WordPress is an extremely popular web platform, and because of its popularity it is often the target of hackers looking to “take over” pieces of your site for their own benefit. Hackers like to maximize the effect of their work, so they’ll often target widely installed plugins or themes with known security vulnerabilities. In most cases, your site was not targeted specifically, but was hacked because of some vulnerability in a plugin or theme installed on your site.
How to Know if my Site is Hacked or Not?
If you suspect you have been hacked, first make sure that you HAVE actually been hacked. We sometimes get panicked site administrators contacting us thinking they’ve been hacked when their site is just misbehaving or they are seeing spammy comments and can’t tell the difference between that and a hack.
You will see this indicator if your site is hacked:
- You are seeing spam appearing in your site header or footer that contains adverts for things like pornography, drugs, illegal services etc. Often it will be injected into your page content without any thought for presentation, so it might appear as dark text on a dark background and not be very visible to human eyes (but the search engines can see it)
- You do a site:example.com (replace example.com with your site) search on Google and you see pages or content that you don’t recognize and that looks malicious.
- You receive reports from your users that they are being redirected to a malicious or spammy website. Pay special attention to these because many hacks will detect that you are the site administrator and not show you anything spammy but will only show spam to your visitors or to the search engine crawlers.
- You receive a report from your hosting provider that your website is doing something malicious or spammy. For example, if your host tells you that they are getting reports of spam email that contains a link to your website, this may mean you have been hacked. What the hackers are doing in this case is sending spam from somewhere and using your website as a link to redirect people to a website they own. They do this because including a link to your website will avoid spam filters while including a link to their own website will get caught in spam filters.
Things You Need to Notice
There are 2 main factors you need to notice:
1. Local Network/Machine
It might be an idiot idea but we would recommend you to check it. When it comes to your local network/machine, you simply need to keep things clean and up-to-date. It’s a good idea (especially on a Windows machine) to regularly run a full malware and anti-virus scan. Please make sure that your software is up to date.
2. Your Hosting Provider
When you select your hosting provider, please make sure that they do daily backup everyday. Most of hosting provider already performs backup. This is important factor you need to ask when selecting a hosting provider. Ask them if they do daily backup or not. Please also you do backup everyday or you can run your schedule backup from your control panel. If it is not permitted, we would recommend you to purchase this addon.
Things You Need to do if Your Site has been Hacked
In the event that you have been hacked or think you’ve been hacked, follow the steps below:
- First things first, clean up your local machine (run anti-virus) and update everything.
- Next, log into your hosting account and check with them to see what’s going on. Make sure that you’ve actually been hacked. It may simply be that they’re experiencing a service outage for your site.
- While you’re in there, change all of your backend passwords (FTP/SFTP/MySQL) and the passwords for everyone who has access to your site.
- Close any backdoors the hacker may have left and secure your wp-config.php file.
- Update everything.
- Change your passwords again, just to be safe.
- Consider a premium security solution such as ASPHostPortal WordPress Hosting and/or Sucuri. HostForLIFEASP.NET is also good for those who would like to keep their shared hosting, but want some added security and support.
- Please make sure you follow tips to secure your WordPress site on our blog.
We hope you can find benefit on this article. Remember, you are responsible to your site, please don’t mess anything that you build from zero. We would recommend you to find reputable wordpress hosting provider to keep your wordpress safe.