What to do When Your WordPress Site is Hacked?
“Hacking only affects new, unpopular WordPress sites.”
False. Hackers target newly created, old, and well-established websites alike, and the rate at which WordPress sites are hacked is alarming. In this article, I will share what to do when your WordPress site is hacked, so keep reading until the end.
But before looking at what to do if your site is hacked, first learn to identify the signs of a compromised site.
Most hacking incidents result from a data security breach. Hackers can access sensitive information from the website or company, such as passwords and usernames. Cybercriminals can enter in person or through software.
- A sudden drop in traffic
- Bad links appearing on the site, especially in the footer
- The homepage of the site is defaced
- You cannot connect to your website
- Suspicious or spam user accounts are displayed, potentially compromising the administrator role
- The website is not responding or is slower than normal
- Unknown scripts and files on your server, in particular in the /wp-content/ folder
- Unable to send or receive email from the WordPress site
- Suspicious scheduled activity
- Pop-up ads on the site
If you find any of the above signs, your website has likely been hacked. It is easy to feel helpless, frustrated and overwhelmed at this point, but you need to remain calm and resolve it.
Keeping an eye on all this is not always easy. This is where solutions like WP Security Audit Log help you understand what’s going on. Such a tool plays a vital role in protecting your WordPress site.
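One way to check for the "unknown scripts and files" sign from the list above, as an added example that is not part of the original article: a Python script that walks wp-content and reports PHP files under uploads and PHP files modified recently. It assumes that uploads holds only media on a stock install; the function name and the 7-day window are illustrative choices.

```python
import os
import time

# Extensions a PHP-enabled server may execute; adjust to your server config.
PHP_EXTENSIONS = (".php", ".phtml", ".php5", ".phar")


def scan_wp_content(wp_content, recent_days=7, now=None):
    """Return (php_in_uploads, recent_php) as sorted paths relative to wp_content.

    php_in_uploads: PHP-like files under uploads/ (assumed to hold media only).
    recent_php: PHP-like files anywhere whose mtime is within recent_days.
    """
    now = time.time() if now is None else now
    cutoff = now - recent_days * 86400
    php_in_uploads, recent_php = [], []
    for root, _dirs, files in os.walk(wp_content):
        for name in files:
            if not name.lower().endswith(PHP_EXTENSIONS):
                continue
            path = os.path.join(root, name)
            rel = os.path.relpath(path, wp_content)
            if rel.split(os.sep)[0] == "uploads":
                php_in_uploads.append(rel)
            try:
                mtime = os.lstat(path).st_mtime
            except OSError:
                continue  # file vanished or is unreadable; skip the mtime check
            if mtime >= cutoff:
                recent_php.append(rel)
    return sorted(php_in_uploads), sorted(recent_php)


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "wp-content"
    in_uploads, recent = scan_wp_content(target)
    for rel in in_uploads:
        print("PHP file in uploads:", rel)
    for rel in recent:
        print("PHP file modified in the last 7 days:", rel)
```

File modification times can be reset by whoever wrote the file, so an empty "recent" list does not prove the site is clean; compare against a known-good backup as well.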
What you should do to fix the mess
- Contact your host
Typically, good hosting companies are helpful in such situations. Those with technological know-how and experienced employees have already faced these problems and can help you quickly.
If your site is on a shared server, you can find out if the hacker used another website on the server to access yours. In this case, the host can show you how hacking started and spread. They can also inform you of the location of your site’s backdoor.
To ensure that your site remains secure and that, if it is hacked, you have a solid hosting team by your side, we recommend that you opt for trusted companies such as SiteGround, WP motor or Kinsta.
If you don’t know where to start (they all offer different options at variable costs), our WordPress hosting guide should help. There are other fantastic hosts too, but these are the ones we have used most often and that have always supported us.
- Hire a professional
If your site has been hacked and you want an expert to clean it up quickly, we recommend contacting a professional for help. An infiltrated site generally deteriorates over time. That’s why you should call an expert to fix the problem and protect the site.
We have worked with some trusted companies in the past, including Sucuri and Malware; both offer excellent service and are highly qualified in these areas.
- Restore the previous version of the site
If you’ve been diligent in creating backups for your WordPress website (that’s why we highly recommend using BlogVault’s services), you are in luck. Restore the version of the site from before the hack.
When restoring the old backup of your website, always keep in mind that the whole site will revert to the previous version. This means that gallery images and other changes to the site may be lost. However, an old but clean website is worth more than a compromised site.
After successfully restoring the old version of your site, remember that it is still not safe from hackers. So you need to act quickly to add a level of security and avoid common malicious activities and threats to cybersecurity in the future.
- Check the permissions of your site.
If you can access your website’s dashboard, you should be able to check the permissions of WordPress users. Confirm that only you and your team can access administrator accounts and that no one has tampered with the permissions of other users.
If you find new suspicious users, delete them immediately.
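The user check described above can also be run from the command line. This added example (not from the original article) assumes WP-CLI is installed and parses the CSV printed by `wp user list --role=administrator --fields=user_login,user_email,user_registered --format=csv`; the allowlist, the cutoff date and the sample rows are constructed for illustration.

```python
import csv
import io
from datetime import datetime


def audit_admins(csv_text, known_admins, last_known_good):
    """Flag administrator accounts that are unknown or newer than the last clean date.

    csv_text: CSV export of administrator accounts (columns user_login,
              user_email, user_registered).
    known_admins: logins your team actually owns (hypothetical allowlist).
    last_known_good: datetime at which the site was last known to be clean.
    """
    known = {login.lower() for login in known_admins}
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        login = row["user_login"].strip()
        reasons = []
        # Catches both brand-new accounts and existing users promoted to admin.
        if login.lower() not in known:
            reasons.append("not on allowlist")
        registered = datetime.strptime(
            row["user_registered"].strip(), "%Y-%m-%d %H:%M:%S")
        if registered > last_known_good:
            reasons.append("created after last known-good date")
        if reasons:
            findings.append((login, row["user_email"].strip(), reasons))
    return findings


# Constructed sample export, not data from a real site.
SAMPLE = """user_login,user_email,user_registered
alice,alice@example.com,2021-03-02 09:15:00
wp_support,helper@example.net,2024-05-18 03:41:27
Bob,bob@example.com,2024-05-20 11:00:00
"""

if __name__ == "__main__":
    cutoff = datetime(2024, 5, 1)
    for login, email, reasons in audit_admins(SAMPLE, {"alice", "bob"}, cutoff):
        print(f"{login} <{email}>: {', '.join(reasons)}")
```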
- Change all passwords for your website.
Make sure to change the passwords you use to access cPanel, the WordPress dashboard, the FTP client, the MySQL database, and any other means that allow third parties to access the website.
Now you have to find new secure passwords that can give headaches to even the best hackers. Consider using a password generator or a complete sentence with spaces, letters, symbols, and numbers as passwords.
Frequently Asked Questions
How do I know if my WordPress site has a virus?
1. Visit any site checker website.
2. Enter your site URL
3. Scan the website
4. Review the report, which shows any potential viruses present on your website.
Why does WordPress get hacked so much?
1. Hosting platform with weak security measures
2. Using insecure and nulled themes and plugins
3. Use of a weak login password
4. Not securing the WordPress admin login page
5. Not keeping up to date with the latest versions of themes and plugins
What are signs that a website has been hacked?
1. You see a drastic drop in your site traffic
2. Your site searches are redirected to a different URL
3. You get a ransomware message
4. Your site speed decreases noticeably
5. You get unwanted pop-ups while browsing your site
How do I secure my WordPress site?
1. Change the WordPress default login username and password.
2. Change the default admin login URL, i.e. www.xyz.com/wp-admin
3. Disable file editing
4. Disable PHP file execution
5. Limit login attempts and enable double authentication
If things get complicated, hire a professional to handle the fuss.
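A way to verify steps 3 and 4 of the list above, as an added example that is not from the original article. It assumes file editing is disabled with WordPress's `DISALLOW_FILE_EDIT` constant in wp-config.php, and that "disable PHP file execution" means an Apache .htaccess deny rule in wp-content/uploads (nginx ignores .htaccess); the sample file contents are constructed.

```python
import re

# Matches e.g.  define( 'DISALLOW_FILE_EDIT', true );
DEFINE_RE = re.compile(
    r"""define\s*\(\s*['"]DISALLOW_FILE_EDIT['"]\s*,\s*(\w+)\s*\)\s*;""", re.I)
FILES_OPEN_RE = re.compile(r"^\s*<Files(Match)?\s+.*php.*>\s*$", re.I)
FILES_CLOSE_RE = re.compile(r"^\s*</Files(Match)?>\s*$", re.I)
# Apache 2.4 and 2.2 spellings of "refuse every request"
DENY_RE = re.compile(r"^\s*(Require\s+all\s+denied|Deny\s+from\s+all)\s*$", re.I)


def file_editing_disabled(wp_config_src):
    """True only if an uncommented define sets DISALLOW_FILE_EDIT to true."""
    src = re.sub(r"/\*.*?\*/", "", wp_config_src, flags=re.S)  # block comments
    src = re.sub(r"(?m)^\s*(//|#).*$", "", src)                # whole-line comments
    match = DEFINE_RE.search(src)
    return bool(match) and match.group(1).lower() == "true"


def uploads_php_blocked(htaccess_src):
    """True if a <Files>/<FilesMatch> section naming php contains a deny rule."""
    inside = False
    for line in htaccess_src.splitlines():
        if line.lstrip().startswith("#"):
            continue  # commented-out directives do nothing
        if FILES_OPEN_RE.match(line):
            inside = True
        elif FILES_CLOSE_RE.match(line):
            inside = False
        elif inside and DENY_RE.match(line):
            return True
    return False


# Constructed sample files, not taken from a real site.
GOOD_CONFIG = "<?php\ndefine( 'DISALLOW_FILE_EDIT', true );\n"
BAD_CONFIG = ("<?php\n// define( 'DISALLOW_FILE_EDIT', true );\n"
              "define('DISALLOW_FILE_EDIT', false);\n")
GOOD_HTACCESS = '<FilesMatch "\\.php$">\n    Require all denied\n</FilesMatch>\n'
BAD_HTACCESS = "# <Files *.php>\n# Deny from all\n# </Files>\nOptions -Indexes\n"

if __name__ == "__main__":
    print("file editing disabled:", file_editing_disabled(GOOD_CONFIG))
    print("uploads PHP blocked:", uploads_php_blocked(GOOD_HTACCESS))
```

The two "bad" samples show the failure modes worth checking for after a cleanup: a hardening line that is present but commented out, and a constant that is defined but set to false.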
After implementing the above steps, your site is secure. But you shouldn’t relax after that because WordPress security should be an ongoing effort.
Remember to install the WP Security Audit Log plugin, which keeps a record of all the changes made to your website. This can be useful during post-hack court investigations, as I explained above.