Fix Hacked WordPress
Have you had issues with your site being compromised by malicious software, or code injections causing redirects to sites that are not connected to you in anyway? Fear not, we are here to help and advise you on the steps to take to remedy this.
The winter nights are coming closer, it gets cooler, colder and the says shorter. Your Wordpress site is seeing more and more hits as people spend more time online browsing. It may be cold outside, but you are warmed by optimism as your traffic increases. All is going well, your site looks pretty gosh darn spiffing, your theme looks great and those new plugins you installed have made updating the Wordpress site a doddle! You close your laptop in the knowledge all is well and feel good about your efforts.
The following day, you come home from work and open up your site. A page for a… lets just say bare lady and men bits opens up. You quizzically wonder what’s happened here… typing in the address for your Wordpress site and it opens again, with a pop for performance enhancing drugs… I mean the ‘stick-up’ not ‘stack-up’ kind. It’s clear, you have been hacked… but why? Why would someone hack your site, you don’t have any enemies… you’re dumbfounded. But also at a loss as to how you should go about remedying such an issue.
Well there is a solution for this issue, and follow the steps below to find a solution to your ongoing issues.
First you need to find out exactly what is happening with your Wordpress site. Are you sending spam to your customers? Is there a strange redirect occurring when your click on links or images on your Wordpress pages? Or are are there signs of phishing attempts on your Wordpress site?
I’ve spoken about some of these issues before, in this blog post.
The first step, and one I always say is “Stay Cool”… panicking will not resolve the hacking issues you are facing, nor will it make the hackers go away. Keep a calm head and proactively attack and respond to the problems.
- First you should log into your Wordpress site host and go to your ‘Account Management’ settings.
- From here you can navigate to ‘Manage’ then the ‘Settings’ option.
- On the ‘Settings’ page click on ‘FTP Users’ and amend, modify or even completely change the permissions, passwords and reduce the opportunities for anyone to access your account.
I always recommend updating and changing your passwords on a frequent basis (monthly if possible). This will move the goalposts for those hackers who use software to ‘brute-force’ access to your Wordpress admin or site host.
If you’re not sure what to do from here, you can always contact us to ‘Hire an Expert’ who can not only walk you through the process, but also advise you on what to do following this.
After you have updated your passwords, log in to your Wordpress Dashboard and update all your plugins, usually the vulnerabilities are to be found in plugins that haven’t been updated on a frequent basis, or even for a long period of time. This is where hackers continually find exploits in order to manipulate a seemingly innocuous website to do their bidding. Don’t give them the opportunity by overlooking updating your Wordpress plugins, when prompted… update!
For continual security and exploit scanning of your Wordpress database and files download the Fixhacked scanner, this runs in the background of your Wordpress site with minimal performance impact and alerts you to any issues that may crop up. Installing the scanner is easy and requires the download of a .php file which can be uploaded to your Wordpress site and activated from there.
- Download the simple to use exploit scanner from www.fixhacked.com
- Upload this scanner to your Wordpress site, it works just like installing a plugin.
- Let the scanner do the work, the scanning of your files.
- Following the scan, we tell you which files are corrupted and which could be exploited. Providing you with a solution to any exploitation issues you may have. Giving you the opportunity to clean these up quickly and efficiently.