Websites around the world are getting hacked on a regular basis. Most of the hacked websites are based on popular CMSs such as WordPress. As WordPress is used by a large portion of the websites around the world, it is also a big target for all kinds of hackers. Your website can get hacked due to a vulnerability in WordPress or a lack of security on your side. Even if you have taken some steps to secure the website, a persistent hacker can find a way to hack almost any website. No matter how your website got hacked, you will need to keep calm and take the necessary steps to minimize the damage and restore your website to its original state. These steps are given as a general guideline and not a full list of everything that needs to be done. Website hacking can take many forms, so the recovery process will differ too. You should be cautious and get help from a professional for your specific situation. Now, let’s go through the steps:
Back-Up Your Website
The first thing you need to do is take a full backup of your website as soon as you detect any unusual activity on it. It’s important to take regular backups of your website before it gets hacked so that you can easily restore it to a fresh state. But you probably did not take any backup before, so take one now before things get even worse.
Check Your Computer for Malware and Install Anti-Virus
Your website can get compromised if hackers have access to your computer. So, install good anti-virus software on your computer and run a deep scan of the entire system to find any known malware. Your computer needs to be free from malware before you try to clean up your website.
Change All the Passwords of Your Accounts and Sites
If your website is compromised, chances are that the hackers have access to your account too. You never know what information they got about your account. To stay on the safe side, change every login password connected to your hosting: your hosting user account password, your control panel (cPanel) password, your WordPress login details, and so on. Anything that can be used to get back into your website needs to be changed. And don’t use easy passwords again. You can use a password manager such as LastPass to generate and save your passwords securely.
Notify Your Hosting Provider for Analysis
It is possible to get some help from your hosting provider when your website gets hacked. They can give you a general idea about the attack and how you might approach fixing the problem. Sometimes the hosting company can guide you in the right direction in terms of fixing the site. So it is always a good idea to let them know.
Find The Cause of The Attack
It is important to figure out the root cause of the attack. Looking at the log files or the type of attack can sometimes reveal how it was done. Whether it was due to a weak password, a compromised client machine, or a vulnerability on the website itself, it is better if you can identify the issue with help from the hosting provider or another third party.
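As an illustration of the log review described above, this added example (not part of the original article) triages a web server access log for two entry routes: a burst of login POSTs followed by a successful login, and PHP being served from the uploads directory. The combined log format, the threshold of 5, and the sample lines are assumptions constructed for the demonstration.

```python
import re
from collections import Counter

# Constructed sample in Apache/Nginx "combined" log format (documentation IPs, not real traffic).
_FMT = '{ip} - - [10/Mar/2024:02:{m:02d}:00 +0000] "{req} HTTP/1.1" {st} 512 "-" "-"'
SAMPLE_LOG = "\n".join(
    [_FMT.format(ip="203.0.113.7", m=i, req="POST /wp-login.php", st=200) for i in range(6)]
    + [_FMT.format(ip="203.0.113.7", m=6, req="POST /wp-login.php", st=302),
       _FMT.format(ip="198.51.100.9", m=7, req="GET /wp-content/uploads/2024/03/img.php?x=1", st=200),
       _FMT.format(ip="192.0.2.4", m=8, req="GET /index.php", st=200)]
)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
UPLOADS_PHP = re.compile(r"^/wp-content/uploads/.*\.php$", re.I)

def triage(log_text, login_threshold=5):
    """Return (kind, ip, detail) findings that hint at how the site was entered."""
    login_posts = Counter()
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, method, status = m["ip"], m["method"], m["status"]
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if method == "POST" and path in ("/wp-login.php", "/xmlrpc.php"):
            login_posts[ip] += 1
        # By default a failed wp-login.php POST returns 200 and a successful one redirects (302).
        if method == "POST" and path == "/wp-login.php" and status == "302":
            findings.append(("login-success", ip, path))
        # PHP served from the uploads directory usually means a dropped script, not media.
        if UPLOADS_PHP.match(path) and status == "200":
            findings.append(("php-in-uploads", ip, path))
    for ip, count in login_posts.items():
        if count >= login_threshold:
            findings.append(("login-burst", ip, f"{count} POSTs"))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A login burst and a login success from the same address point toward a weak password; a hit on PHP under uploads points toward a vulnerable upload path in the site itself.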
Remove Unnecessary and Untrusted Plugins and Themes
In WordPress, you have thousands of free plugins and themes to enable various features. So, it is very easy to get carried away and install plugins that you don’t really need. Now is a good time to go through your plugins and remove the ones that you do not need. You might think you need that plugin that you installed months ago for something, but you don’t. You can always reinstall the plugins later if you want, but for now, stick to the bare minimum. The same goes for unused plugins. And if you are using any nulled plugins or themes, or something from an untrusted source, uninstall them immediately and avoid them like the plague. If you absolutely want to keep some plugins, keep or install WordPress security plugins such as Wordfence or All-in-One WP Security.
Update Your CMS
Websites get hacked due to an outdated CMS, themes, or plugins. So, you should immediately update everything on your website. Next, because malicious code tends to nest in WordPress core files, replace the WordPress core files with the official files. A lot of common threats can be mitigated this way.
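Before overwriting the core files, it helps to record which ones differ from the official release, since that list shows where code was planted. The following added example (not from the original article) compares an installed tree with a clean copy of the same WordPress version by SHA-256; the directory layout, the skip lists, and the demo files are assumptions constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path

SKIP_DIRS = {"wp-content"}      # assumption: themes, plugins and uploads are reviewed separately
SKIP_FILES = {"wp-config.php"}  # site-specific file, not part of the official archive

def _hashes(root):
    """Map each relative file path under root to its SHA-256 digest."""
    root = Path(root)
    out = {}
    for p in root.rglob("*"):
        rel = p.relative_to(root)
        if not p.is_file() or rel.parts[0] in SKIP_DIRS or rel.as_posix() in SKIP_FILES:
            continue
        out[rel.as_posix()] = hashlib.sha256(p.read_bytes()).hexdigest()
    return out

def compare_core(installed, official):
    """Diff the live core files against a clean copy of the same WordPress version."""
    have, want = _hashes(installed), _hashes(official)
    return {
        "modified": sorted(f for f in have if f in want and have[f] != want[f]),
        "extra": sorted(f for f in have if f not in want),
        "missing": sorted(f for f in want if f not in have),
    }

def build_sample():
    """Constructed demo trees standing in for the live site and the official download."""
    base = Path(tempfile.mkdtemp())
    clean = {"index.php": "<?php // front controller", "wp-login.php": "<?php // login",
             "wp-includes/load.php": "<?php // loader", "wp-admin/about.php": "<?php // about"}
    live = {**clean, "wp-login.php": "<?php // login /* altered */",
            "wp-includes/cache-x.php": "<?php // not in the official archive",
            "wp-config.php": "<?php // site settings",
            "wp-content/uploads/a.txt": "media"}
    del live["wp-admin/about.php"]
    for name, files in (("official", clean), ("installed", live)):
        for rel, body in files.items():
            target = base / name / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body)
    return base / "installed", base / "official"

if __name__ == "__main__":
    print(compare_core(*build_sample()))
```

Files reported as `extra` inside core directories deserve the closest look, because replacing the official files does not remove them.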
Hire a Professional
A hacked website can be a mess. Hackers do their best to hide malicious code in places where you might not think to look. So, it is recommended to get help from a security expert to recover a hacked website, especially if you are not sure how to approach the cleanup. Many things need to be checked on a hacked website to make sure there are no backdoors or other malicious code left behind by the hacker. The security expert can also help you determine the source of the attack and how to prevent it in the future.
Clean Up Malware
Whether you are recovering the website by yourself or hiring a professional to do it, it is an absolute must to go through all your files to check for any malicious code. If one is available, use a malware scanner to check the website files. Most of the time, the malicious code is written in an easy-to-detect encoding such as base64. Look for any unusual code in the files. At this time, you should also check whether some kind of cron job has been set up with your account on cPanel or a similar environment.
Getting your website hacked is a nightmare for sure. As we all know, prevention is better than cure, so getting hacked on one website should prompt you to secure all the other websites that you have. After you have secured your website, follow this guide to minimize the chances of getting hacked again.
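To make the file review above concrete, here is an added example (not from the original article) that walks a site tree, flags PHP files containing `eval()` wrapped around a decoder, long base64 literals, or PHP sitting under `wp-content/uploads/`, and decodes the start of a base64 literal for the reviewer to read. The indicator list, the 120-character threshold, and the demo files are assumptions constructed for the illustration.

```python
import base64
import re
import tempfile
from pathlib import Path

PATTERNS = {
    # eval() wrapped directly around a decoder call
    "eval-of-decoder": re.compile(rb"eval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    # a quoted run of 120+ base64 characters (threshold is an assumption; tune it)
    "long-base64-literal": re.compile(rb"['\"]([A-Za-z0-9+/]{120,}={0,2})['\"]"),
}

def scan(root):
    """Return [(relative_path, [indicator, ...])] for PHP files worth a manual look."""
    root = Path(root)
    findings = []
    for p in sorted(root.rglob("*")):
        if not p.is_file() or p.suffix.lower() not in {".php", ".phtml"}:
            continue
        rel = p.relative_to(root).as_posix()
        data = p.read_bytes()
        hits = [name for name, rx in PATTERNS.items() if rx.search(data)]
        if rel.startswith("wp-content/uploads/"):
            hits.append("php-in-uploads")  # uploads should hold media, not scripts
        if hits:
            findings.append((rel, hits))
    return findings

def decode_preview(data, limit=60):
    """Decode the first long base64 literal so a reviewer can read what it hides."""
    m = PATTERNS["long-base64-literal"].search(data)
    try:
        return base64.b64decode(m.group(1), validate=True)[:limit] if m else None
    except ValueError:  # binascii.Error is a ValueError subclass
        return None

def build_sample():
    """Constructed demo tree; the encoded blob is a harmless PHP comment."""
    root = Path(tempfile.mkdtemp())
    blob = base64.b64encode(b"// constructed, harmless demo payload\n" * 4).decode()
    files = {"index.php": "<?php require __DIR__ . '/wp-blog-header.php';",
             "wp-includes/class-cache.php": f"<?php eval(base64_decode('{blob}'));",
             "wp-content/uploads/2024/03/thumb.php": "<?php echo 1;"}
    for rel, body in files.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_text(body)
    return root
```

A hit is a prompt for manual review, not a verdict: some legitimate plugins embed base64 data, and code that avoids these patterns will not be flagged.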