Your security scans have come back positive and it’s confirmed: your website has been successfully infiltrated. And when it comes to a WordPress website, “hacked” is never a word you want to hear. What do you do? Let’s walk through how to clean a hacked WordPress website and what next steps you should take to recover.

As we all know, WordPress is the most popular platform. Because of the sheer number of WordPress websites online, it’s also the most hacked CMS on the web. That’s one of many reasons why it’s so important to learn to keep your site secure.

But even if you have basic security implemented on your website, people with malicious intent can still find access points through numerous tricks and loopholes in your website’s code.

Suppose we find ourselves in a worst-case scenario and someone has gained access to your WordPress website. What now?

Steps To Take After Your WordPress Site Has Been Hacked

If your WordPress website got hacked, don’t panic. Follow the steps below to bring it back to normal.

  1. Get a hold of your website backup.

The first step you should take after your site has been hacked is to look for any backups you may have of your site. If your backup has been stored on the same server as your website, it’s highly likely that backup isn’t there anymore – or has been corrupted. That’s why it’s never a good idea to store your website’s backup in the same place where you store your WordPress website.

There are three likely places where you might have a backup of your WordPress website:

  • Inside your WordPress backup plugin service. If you’ve installed a WordPress backup plugin, chances are it has stored a backup of your site on its own cloud service or on a cloud service like Google Drive or Dropbox.
  • In your account in the cloud. Check your Google Drive, Dropbox or other cloud services for a manual backup of your website that you might have put there yourself.
  • With your hosting provider. If you didn’t invest in a WordPress backup plugin or were too lazy to manually back up your website, your last bet is to contact your hosting provider, since it’s highly likely that they also regularly create a backup of your website on their server.

If you can find a backup from one of these places, you’re good to go. All you have to do is restore your website either manually, or using one of the plugins where you created the backup, or by asking your hosting provider to do so.

  2. Remove all your unused/outdated themes and plugins.

As we’ve mentioned above, themes and plugins are one of the easiest ways hackers gain access to your website. The more unnecessary and unused plugins you have, the more vulnerable you leave your website to unexpected attacks.

That’s why the moment you restore your backup, here are three important steps you should take:

  • The first thing you want to do is browse the list of plugins and themes you have and delete the ones you haven’t used in a long time, especially the deactivated ones.
  • Another important thing you should do is look out for plugins and themes that haven’t been updated in a long time, because the longer a theme or plugin goes without an update, the more security holes it leaves in your WordPress backend.
  • The final thing you want to check is whether your site is using a free theme or not. If you’re using a free theme, consider upgrading to its paid version or another paid theme as those provide better security to your WordPress site.

Many people assume that since they’ve deactivated a plugin or theme, it can’t cause harm to their WordPress backend. But that’s untrue. The plugin, even if deactivated, is still installed on your server and occupying space, which means hackers can still access it.

And finally, once you’ve deleted all the unnecessary plugins and themes, update the ones you plan to keep to their latest versions.
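
One way to carry out this inventory from the command line, as an added example that is not part of the original article. It assumes WP-CLI is installed on the server; the function names `plugin_cleanup_plan` and `plan_to_commands` and the sample plugin names are made up for illustration.

```shell
#!/bin/sh
# Turn a plugin inventory into a clean-up plan.
# Input: CSV as produced by
#   wp plugin list --fields=name,status,update --format=csv
# Output: one action per line: "delete <name>", "update <name>" or "keep <name>".
plugin_cleanup_plan() {
  awk -F',' '
    NR == 1 && $1 == "name" { next }   # skip the CSV header
    NF < 3 { next }                    # ignore blank or malformed rows
    {
      name = $1; status = $2; update = $3
      if (status == "inactive")        # deactivated code is still on disk: remove it
        print "delete " name
      else if (update == "available")  # in use but behind: bring it up to date
        print "update " name
      else                             # active and current, or must-use/drop-in
        print "keep " name
    }'
}

# Print the WP-CLI command for each action instead of running it,
# so the plan can be reviewed before anything is deleted.
plan_to_commands() {
  while read -r action name; do
    case "$action" in
      delete) echo "wp plugin delete $name" ;;
      update) echo "wp plugin update $name" ;;
    esac
  done
}

# Constructed sample inventory (hypothetical plugin names).
SAMPLE_INVENTORY='name,status,update
contact-form-x,active,available
old-slider,inactive,none
seo-helper,active,none
gallery-lite,inactive,available
site-loader,must-use,none'

printf '%s\n' "$SAMPLE_INVENTORY" | plugin_cleanup_plan | plan_to_commands
```

On a live site, pipe the real `wp plugin list` output into `plugin_cleanup_plan` in place of the sample; `wp theme list` accepts the same `--fields` and `--format` options, so the same triage works for themes.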

  3. Update all your usernames and passwords.

One final thing you should do is update your WordPress username and password. Since your WordPress site was recently hacked, this is the best way to protect yourself from future attacks.

Here’s what you can do to fortify your WordPress login information:

  • Change your WordPress login password every few weeks.
  • Stop using the default username i.e. ‘admin’ or similar. Instead, use a unique username.
  • Generate a strong password using a service like LastPass and store your password inside it for maximum security.

Not only are these tips applicable to your WordPress login info, but they are also useful should you want to update your hosting account or FTP account password.

Another way you can protect your website from being attacked again is by hiding the ‘wp-admin’ directory and by limiting the number of login attempts that can be made on your WordPress site. Both of these things can be done using the WPS Hide Login and WPS Limit Login Attempts plugins.

Contact TheWebOrion.com to have your WordPress website secured by experts.