How to Fix Your WordPress Site After It Got Compromised
Here’s how to fix a compromised WordPress site
You have been running your website successfully for a while, and suddenly you find it has been hacked. This is nothing less than a nightmare for website owners, especially those who do business online. The brutal reality of running websites today is that they can be hacked at any time and from anywhere.
WordPress currently powers more websites across the world than any other CMS. According to W3Techs, WordPress has 58.55% of the CMS market share, more than all other systems combined. Because of this overwhelming popularity, WordPress is naturally the most hacked CMS on the web.
A compromised WordPress website can have a massive impact on your business and readership. Your search engine rankings could drop drastically, your readers could be exposed to viruses, your reputation could be sullied by redirects to unacceptable websites, or worse still, you might lose your entire site data.
How to Know Your WordPress Site is Hacked
Even if your website has basic security in place, individuals with malicious intent can intrude through possible access points using various tricks and loopholes. So before proceeding to fix your WordPress site, let’s look at the incontrovertible signs that your website has actually been hacked. The following are some distinct warning signals:
- Unwanted and unexpected users are logged in on your site
- You can’t access your admin account
- Website traffic plunging all of a sudden
- The site redirects to another URL
- Unnecessary pop-ups emerging out of nowhere
- Website freezing continuously
- Errors show up in the browser
- Your homepage displays another website’s content
Regardless of how your site has been compromised, once you discover the hack, your most important goals are to repair your site, remove the damage, and to prevent it from happening again.
How to Fix a Compromised WordPress Site
Here are some effective tips for cleaning and fixing a WordPress hack:
1. Identify and locate the hack
WordPress is a much more secure and preferred platform compared to other CMSs such as Joomla and Drupal. Thus developing a website in WordPress is the best option to secure your website from hackers. But the logical next step for fixing your WordPress website is to identify and locate the hack. This can be a stressful job if you have no expertise in repair work. But even if you are not that tech-savvy, you can still examine your site’s files and code for problems. Identification is easy, and you can confirm the hack if you can’t access your admin panel, search engines have marked your website as insecure, and your website redirects to another site.
In most cases, cybercriminals attack three critical points: .htaccess files, .php files, and media files. These locations are highly prone to exploitation by hackers, particularly if you have unnecessary files cluttering up your site’s folders. Hackers can insert hidden links to malicious sites, or embed code directly in these files. One such dangerous trick is to obfuscate the code with base64 encoding, mostly at the end of .php files. This disguises links, malware, and other malicious code.
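The three hot spots described above can be checked with a small script. This is an added example, not part of the original article: the names scan_site and build_sample_site, the 200-character blob threshold, the list of PHP functions and the host redirect.example are all assumptions, and the sample tree is constructed so the script runs offline.

```python
import base64
import re
import tempfile
from pathlib import Path

# Heuristics only; the 200-character threshold and the function list are assumptions.
B64_BLOB = re.compile(r"[A-Za-z0-9+/]{200,}={0,2}")
DECODE_EXEC = re.compile(r"\b(eval|assert)\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I)
HTACCESS_REDIRECT = re.compile(r"^\s*(RewriteRule|Redirect(Match)?)\b.*https?://", re.I | re.M)
PHP_EXT = {".php", ".phtml", ".php5"}


def scan_site(root):
    """Return sorted (relative_path, reason) findings for .htaccess, .php and media folders."""
    root, findings = Path(root), []
    for path in root.rglob("*"):
        is_php = path.suffix.lower() in PHP_EXT
        if not path.is_file() or not (is_php or path.name == ".htaccess"):
            continue
        rel = path.relative_to(root).as_posix()
        text = path.read_text(errors="replace")
        hits = {
            "htaccess-external-redirect": not is_php and HTACCESS_REDIRECT.search(text),
            "php-in-uploads": is_php and "/uploads/" in f"/{rel}",  # PHP in the media library
            "decode-and-execute": is_php and DECODE_EXEC.search(text),
            "base64-blob-at-end": is_php and B64_BLOB.search(text[-4096:]),  # last 4 KiB only
        }
        findings += [(rel, reason) for reason, hit in hits.items() if hit]
    return sorted(findings)


def build_sample_site(root):
    """Constructed sample tree: one clean file plus three planted indicators."""
    blob = base64.b64encode(b"echo 'constructed sample payload';" * 10).decode()
    files = {
        "index.php": "<?php\nrequire __DIR__ . '/wp-blog-header.php';\n",
        "wp-includes/cache.php": f"<?php\n@eval(base64_decode('{blob}'));\n",
        "wp-content/uploads/2024/01/logo.php": "<?php echo 'x';\n",
        ".htaccess": "RewriteEngine On\nRewriteRule ^(.*)$ http://redirect.example/$1 [R=302,L]\n",
    }
    for rel, body in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_site(tmp)
        print(*scan_site(tmp), sep="\n")
```

A hit is a reason to open the file and compare it with a clean copy from the original WordPress, theme or plugin package, since legitimate code can also trip these patterns.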
2. Contact your hosting company
Choosing a reliable web hosting company in the first place can effectively thwart any cyber attack on your website. Nonetheless, a hack can still take place at any time. In that event, checking with your hosting company is a sensible step to take. You can get a lot of help from them. There is a fair chance that their support staff have already dealt with similar problems before, so they should be fully equipped this time as well. All you have to do then is follow their instructions. Sometimes the hack may have affected more than just your site, especially if you are on shared hosting. Your hosting provider may also be able to give you additional information about the hack, such as how it originated and where the backdoor is hiding.
3. Create a backup of what is left and restore from it
You might find it strange and counterintuitive to make a backup of a hacked site, but the fact is that it still contains a lot more than just the corrupted system files. Some hosting providers automatically delete hacked websites from their servers. Since images and other media are hard to replace once they are gone, you can still keep a copy of them. For that, there are plenty of backup solutions for WordPress out there, and you can also back up WordPress manually. Also, in the event of a crash or a hack, you can restore the previous version from the backup. Even if you lose changes that were made after the last backup date, you still have something rather than nothing at all.
4. Scan your website and remove the malware
Scanning your whole website is very important before the malware can be removed. This step matters because if any plugins or themes are not updated regularly, there is a chance that hackers could use outdated files to access your WordPress website. That’s why it’s a good idea to have a good WordPress security plugin installed on your site beforehand. In any case, for malware scans, you can use scanner tools. These tools look for irregular redirects, spam, malware redirects, malicious code, backdoors, and several other security issues across the pages of your website.
5. Change your passwords and secret keys
Make sure you change all the passwords related to your WordPress site. That includes the passwords for your WP dashboard, cPanel, MySQL database, FTP, hosting control panel, SSH accounts, and any others that could help someone access your website. This will make your site even more secure and help prevent hackers from exploiting old passwords to regain access to your site. It is highly recommended that you always use a strong password. Then, change your secret keys and salts to ensure that your WordPress website is safe and secure. After generating a new security key, you need to add it to your wp-config.php file.
Getting hacked is one of the most vexing experiences, particularly for website owners whose businesses depend on their websites. As WordPress is the most popular CMS, hackers target it frequently. However, you can help prevent this by taking the security of your site seriously.
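One way to regenerate the secret keys and salts in wp-config.php is sketched below. This is an added example, not part of the original article: the functions new_secret and rotate_keys are hypothetical helpers, the config text is a constructed sample, and the 64-character length and alphabet are assumptions.

```python
import re
import secrets
import string

# The eight constants in wp-config.php that sign WordPress cookies and nonces.
KEY_NAMES = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
             "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT")
# No quotes or backslashes, so a value never needs escaping inside a PHP string.
ALPHABET = string.ascii_letters + string.digits + "!#$%&()*+,-./:;<=>?@[]^_{|}~ "

# Constructed sample config: one define() uses double quotes, NONCE_SALT is absent.
SAMPLE_CONFIG = """<?php
define( 'DB_NAME', 'wordpress' );
define( 'AUTH_KEY',         'old-constructed-value-1' );
define( 'SECURE_AUTH_KEY',  'old-constructed-value-2' );
define('LOGGED_IN_KEY', "old-constructed-value-3");
define( 'NONCE_KEY',        'old-constructed-value-4' );
define( 'AUTH_SALT',        'old-constructed-value-5' );
define( 'SECURE_AUTH_SALT', 'old-constructed-value-6' );
define( 'LOGGED_IN_SALT',   'old-constructed-value-7' );
$table_prefix = 'wp_';
"""


def new_secret(length=64):
    """Random value from the OS CSPRNG via the secrets module."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def rotate_keys(config_text):
    """Return (new_text, rotated_names, missing_names); other lines are left untouched."""
    rotated, missing = [], []
    for name in KEY_NAMES:
        pattern = re.compile(
            r"^(\s*define\(\s*['\"]" + name + r"['\"]\s*,\s*)(['\"]).*?\2(\s*\)\s*;)", re.M)
        config_text, count = pattern.subn(
            lambda m: f"{m.group(1)}'{new_secret()}'{m.group(3)}", config_text)
        (rotated if count else missing).append(name)
    return config_text, rotated, missing


if __name__ == "__main__":
    text, rotated, missing = rotate_keys(SAMPLE_CONFIG)
    print(text)
    print("rotated:", rotated, "missing (add these by hand):", missing)
```

Changing these values invalidates every existing login cookie, so all users, including anyone holding a stolen session, have to log in again.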
Smith Willas is a freelance writer, blogger, and digital media journalist. He has a management degree in Supply Chain & Operations Management and Marketing and boasts a wide-ranging background in digital media.