A sad reality regarding running a WordPress site is the fact that you can be a target for hackers. This is no reflection on you or your site but due to the vast amount of people using the world’s number one Content Management System (CMS) it has provided hackers with a larger target area for attack due to the amount of sites running a particular plugin or version.
The results of this can be catastrophic, with loss of search engine rankings, exposing your readers to attack, and worst of all losing your entire site in some cases – this is why it’s important to have parameters in his place such as specialised WordPress hosting and server backups. Alas, if you have already been hacked then it’s too little too late. Below, we’ll give you a few tips for cleaning up your hacked WordPress site.
Identify The Hack
There are a few things you need to identify once you have been hacked, including:
- Your ability to login to your admin panel
- Whether your site is redirecting to a ‘bad neighbourhood’ website
- Has your site been populated with bad links
- Has your website been penalised by Google
With these answered, it makes helping you a lot easier and the first step you need to take is to change your passwords prior to beginning isolating any threats and starting your clean up.
Talk To Your Hosting Company
We’ve had a variety of clients who have experienced hacked WordPress sites and our knowledgeable team have excelled at calming them down and guiding them through the hack. On top of this we provide a variety of insights such as where the hack originated, what was exploited, how the hacker got in etc.
Restore Your Site
Hopefully you’ll have been backing up your WordPress site at least once a month, and if you have then your losses will be negligible. If you haven’t been regularly backing your site up you risk losing a lot of your content, especially if you blog daily or have a readership who regularly comment on your news and views.
Go through the backend of your website and purge any out of date or inactive themes and plugins you might have been using – as touched on in our intro these are often the way you have been targeted and hacked and as a result it provides them a way to hack your website again once you’ve cleaned up your site.
Similarly, check the user section on the back end to make sure only you and the people you know have login access to the website. If you see any old users or unknown names then delete them immediately.
Change Your Password Again
You may be wondering why, seeing as you’ve changed it once at the beginning of the process, but you need to do it again just to be sure along with changing the passwords of any other accounts you may use that are related. Needless to say you need a strong password that uses a mix of numbers and upper and lower case letters.
These are quick fixes for a hacked WordPress site and sometimes it might not be this simple. If that’s the case, you need to get the experts involved.