Menu
Menu

What to do if your WordPress website is hacked

Difficulty: Intermediate

When you’re running a website, whether it’s for personal use or for your business, you’ll run the risk that it will end up hacked.

This risk is often heightened if you’ve got a WordPress website. This is because WordPress is so popular - in fact, WordPress powers 25 percent of all sites across the web. The next two most popular content management systems - Joomla and Drupal - power less than five percent of websites combined. Because there are so many WordPress websites, they can often become a target for hackers. So what do you do if you find your website has been hacked?

Is it hacked?

The first thing to determine is whether or not it is actually hacked.

It is easy to stress out and assume your website has got hacked, when in fact it is a whole separate thing that has gone wrong.

So how you can tell whether or not your website has been hacked? There are a few telltale signs that you should look out for, including:

  • Being unable to log into admin panel
  • Being sent a warning from security plugins
  • Your website is redirecting you to another website
  • The website has been marked as insecure on Google
  • Sudden spikes in traffic
  • Web hosting causes your website to go offline

I’ve been hacked - now what?

You’ve confirmed your WordPress website has indeed been hacked - now what do you do? There are a few steps you can follow.

  1. Do a backup

    Sometimes the hack will have originated from your computer, rather than from your WordPress website. It’s important to scan your computer to check whether you have any malware which could be tracking your key logs. If your computer does not have any malware or viruses, you will know it was your website which was originally hacked, and not your computer.

  2. Scan your computer

    Sometimes the hack will have originated from your computer, rather than from your WordPress website. It’s important to scan your computer to check whether you have any malware which could be tracking your key logs. If your computer does not have any malware or viruses, you will know it was your website which was originally hacked, and not your computer.

  3. Contact your hosting company

    Hosting companies will be familiar with what you need to do when your website is hacked. Once you know your website has been hacked, you should consider contacting your hosting company. They may be able to step you through what you need to do to fix the hack, or even fix the problem for you.

  4. Check permissions and details

    When a hacker gains access to your website, they will often change permissions and other security details so they have easier access in the future. Make sure you check whether there have been new users added. If any users look unfamiliar, remove them. Consider changing your password to boost your levels of security.

  5. Hire a professional

    As much as we like to think we know everything, sometimes hiring a professional is the best answer. After all, your website is something you want to make sure you have complete control over, particularly if you’re using it for a business. You may be able to fix some hacked areas, but not others, meaning you may end up with further problems in the future. A professional will know exactly what to look for and will be able to remove every corrupted file.

If you’re going to try and restore your WordPress website on your own without a professional, there are a few things you should be aware of. These include:

  • Try and restore elements of your website rather than getting rid of the entire website to start from scratch.
  • Reinstall the same version of your website as you are currently using, not older or newer.
  • Do not use the reinstall options in your WP-ADMIN, instead, use your FTP / SFTP application to drag and drop the versions.
  • The .htaccess file is the one most often used for hacking activities. You can find this file within your installation folder, but can also be found within other directories as well.
  • Make sure to be careful with the following files, as they can impact page requests:
  • - index.php
  • - header.php
  • - footer.php
  • - function.php

 

Once your site has been recovered, it’s recommended to remember to change your password, as well as implement necessary security measures to ensure a hack will not occur again.

Shares