Repair & Clean Hacked WordPress Website
The following guide will help you clean a hacked wordpress website which can be very stressful for web masters to wake up and find out that there WordPress website has been hacked by cyber criminalsÂ
If you need help with fixing a hacked website visit repair hacked website
The first thing to do if your WordPress website has been hacked by cyber criminals is not to panic and this can make the situation worse. Visit us today, we will fix your website and get your business back online in 24 hours.Â
How do WordPress websites get hacked
WordPress sites get hacked for a variety of reasons but the number one reason is failing to keep the WordPress core, plugins and themes updated.
There are other ways sites get hacked though, for example having weak passwords for logins such as FTP users. If someone can guess your password they can do anything you can do.Â
Another way that sites are hacked is to trick the an admin user to trigger an action which causes files to be uploaded.Â
What is a WordPress hack
The following are the common types of WordPress attacks we see from cyber criminals who try and hacked into a website.
Email Spamming
By far the most common hack we see; indeed we often identify this hack long before our client even spot it. A hacked site will start to send out large quantity of emails to lots of recipients.Â
Node in a bot network
Your site starts to send large amount of traffic to another address. In effect the attacker is using your server resources and Internet connection to try and force another site offline.Â
Malware Hosting
your site content is modified to include links to malware, viruses and other nasty things. This type of hack is one of the most obvious to visitors to your site and may result in your site being blacklisted in Google for having Malware.
SEO hack
Similar to the Malware hosting, again your content is modified and or new content is added. In this hack your site is being used to host content to help promote another site, product or service.
Defacement
Your content is simply replaced with new content belonging to the hacker. This could be a political message or simply someone saying they hacked your site. Defacement is the graffiti of the web but with far worse impact to reputation.
Cleaning a hacked WordPress website
Cleaning a hacked WordPress website requires many years of experience and knowledge to understand what your looking for and to ensure the website is 100% clean from malware and code.
The steps we take to fix your website include
We get a list of the plugins and themes you have installed, so we can use this later to restore those plugins.
We export your posts/pages/custom post types and we use the built in WordPress exporter rather than SQL dumps - as this will help limit potential issues with hacks within the database.
We isolate your files and we remove them from your httpdocs folder. Your site will briefly go offline as this happens. The files will still be on the server at this stage, but only accessible by our team.
We install a clean copy of WordPress on your site.Â
We will then move your media back to your wp-content/uploads folder after having checked for anything that looks suspicious and having used a virus scanner to check for issues. In some cases we may not move every file; for example where your site has .zip files in the uploads folder. We will always warn you of content we haven’t moved and why so you can review.
Next we import your WordPress posts and any other content. This also generates user accounts based on those pages. Each user account will be set to the author role by default. We will also set a single user as administrator, allowing you to login and make any changes to user settings.
Finally we install and activate your themes and plugins. We can only do this for publically accessible themes and plugins.
