
Don’t Panic! What to do if WordPress is Hacked



Realizing that your WordPress site has been hacked can be very upsetting. Your site was working well and then all of a sudden it disappeared.

During this distressing time it’s important to keep in mind that hacks rarely equal a total loss.

Many sites go through a hack and come out stronger and better designed on the other end. When WordPress is hacked, there are a few simple steps to take to get started on the road to recovery.

1. Don’t Panic

Remember to remain calm. It’s much easier to fix an issue when you are able to think clearly.

If you are feeling particularly frustrated or upset, take a quick break. Go for a short walk or have a cup of tea. Your site will still be waiting for you when you get back.

2. Security Starts At Home

Many malware attacks come from your local computer. In many cases it’s the easiest way to gain access to your site. To help ensure that this doesn’t happen again or to any of your other sites, you will want to run a full malware/virus scan on your computer as soon as possible.

PC users can take advantage of Microsoft’s free Malicious Software Removal Tool here. There are also many security apps, such as Bitdefender, freely available for Mac users.

3. Access WordPress

Try to access the WordPress login panel. If it’s still accessible, make sure to reset your password. Interested readers can find a refresher on password strength at ‘Lock it Down: How to Keep Your Site Secure’.

If you are unable to access your login panel, remember, don’t panic. There is a workaround using phpMyAdmin to bypass the WP-ADMIN settings. A simple tutorial video showing this method for resetting your password can be found here.

4. Find the Bug

Once access to the site has been regained it’s time to find any hidden malicious software. There are a number of plugins available to help you with this process. pair Networks recommends that our customers install the following plugin to scan your account for any hidden malicious software:

 

Wordfence is a popular security plugin that offers in-depth and frequent malware scanning, detection, and prevention. Free and Premium plans are available for use.

Please keep in mind that you will need to scan all files when searching for malware. This means that you will want to ‘unhide’ any hidden files on your system.

Finding all hidden malicious software can be tricky. It’s like trying to remove an infestation from your home. Malware doesn’t want to be found, so it often tries to hide in seldom-accessed places (think plugin or upload files) and cover its tracks by using unsuspicious-looking code or harmless-sounding names.

Also like an infestation, if any malware is overlooked and left on your site, then the hack can easily happen all over again at a moment’s notice.

For non-technical users, finding all malware can be a bit daunting. We recommend seeking the assistance of a reliable security program and/or Support personnel.

5. “An Ounce of Prevention is Worth A Pound of Cure”

Sometimes we can only learn from experience. It might take an unfortunate scenario before realizing that a hack can happen to anyone. Once the site has been cleared of any malware it is time to do two things. First, learn from our mistakes. Second, try to prevent a security lapse from happening again.

Update All The Things

  • Your WordPress Installation
  • WordPress Themes
  • All WordPress Plugins
  • Any Security Applications on Your Personal Computer
  • Make Sure Your Word Hosting Account is also up-to-date

 

Review Password Strength, Renew Your Keys

Readers can find a quick refresher on password strength here. Remember, even if you change your password, malicious users may still remain logged into your account if their cookies are still active. You will need to overwrite and replace your old keys within the wp-config.php file. New keys can be generated here.