Every website and/or online business owner shares a common fear – having a website hacked.
One of our biggest fears is seeing that notification from our security scan, our website host, or maybe even our Google Search Console, that tells us we have a problem, and hackers are a very real issue that we need to arm ourselves against.
However, in the unfortunate event that you find yourself victim to hacking, don’t panic!
There are several steps that you can take to handle these situations, and to protect yourself from future attacks.
Powering over 34 percent of the world’s websites, WordPress is by far the most popular Content Management System (CMS) available.
Thanks to this number, however, it’s also the most infiltrated CMS. Thankfully, there are countless tutorials, plugins, and informational pages available through WordPress and its users that can walk you through every step of securing your site and recovering from a breach.
Below, we’ll discuss a few steps you can take if you’ve suffered from a hack attack.
STEP ONE – Don’t Panic and Document What’s Happening
Chances are, if you’ve had your website hacked, your stress levels are running high.
Go ahead and take a deep breath, remain calm, and start taking note of what you see by answering some questions:
- How did you discover the hack?
- Did you receive an alert from your malware scan?
- Did your website hosting inform you?
- Did you get a warning from your browser, or from Google Search Console?
- Are people telling you that your site is redirecting them somewhere else or being blocked by their own Antivirus software?
- Are you unable to log in as an admin for your site (yourURL.com/wp-admin)?
- Has your site been blacklisted or disabled by search engines or your host?
- Do you see links on your website that you didn’t authorize and/or are illegal?
- Are you noticing other strange occurrences?
If you answered “Yes” to any of those questions, this is an Indicator of Compromise (IoC) and it’s time to document anything and everything unusual, then look into taking the next step.
Again, deep breath! Even if you answered “Yes,” there are plenty of ways to go about reporting and/or fixing the problem, so keep your mind calm and clear so that you can focus on ridding yourself of the problem.
It is important to document when you first discovered the hack, when the website last looked healthy, whether you did any recent changes, and whether you have any recent backups in place.
STEP TWO – Contact Support Through Your Hosting Company
Whether you host through wordpress.com or a different host (such as BlueHost or SiteGround), it’s important that you notify them the moment you notice a hacked website.
Keeping them informed of potential (and verified) hacks will help you in several ways:
Their support team will be very familiar with addressing such issues and can help you resolve them.
If your site is on a shared server with other sites through your host, you can find out if the attack was spread to your site from someone else’s and vice versa.
They can often track the breach and find out how the hacker was able to get into your site. If they can find out how they got in, they should be able to keep future attacks from getting in the same way.
Contacting your hosting company should always be the first thing you do before trying anything manually on your own.
In most cases, they’ll be able to correct the problem for you. If, for whatever reason, they can’t or won’t, don’t worry yet! There are still several things you can do on your end if the ball finds its way back in your court.
Check with your hosting provider whether any level of account backup in included in your plan and make sure you have access to it for the potential step three below.
STEP THREE – Hire a Professional
If your hosting site is unable to assist you in restoring security to your website, there are plenty of other professional options you can pursue.
If you have the means through which to do so and wouldn’t call yourself “tech-savvy,” this is the recommended route. A professional will have the expertise and tools necessary to clean your website quickly, thoroughly, and correctly so that damage doesn’t spread or worsen.
MalCare and/or Wordfence are two reputable and extremely effective WordPress plugin that can do this for you, and it’s entirely free!
Malcare in particular won’t slow down your site or remove content and coding that you put in yourself. Instead, it prides itself on resolving issues within 60 seconds and removing any unwanted coding without affecting the surrounding data.
The best thing about MalCare, however, is how intuitive and user-friendly it is. There’s a feature for one-click automatic malware removal that takes care of the removal process entirely and permanently.
Wordfence on the other hand can provide full website cleanups in the even of a hack – you can check about their services here.
However, if you feel confident in your tech-based capabilities and would prefer to take care of the issue manually on your own, there are several ways to address a hack.
f you’re looking for other options when it comes to software options this wordpress security plugin article from CollectiveRay has a complete roundup of the best options out there right now.
STEP FOUR: Manual Repair
There are a number of ways that you can address an attack to your site, but you’ll need to choose which method will work best given what preparation you’ve done for such a situation and what kind of attack it is.
Take a look through the following options and figure out what will be most effective in your case.
- Site Restore
This can be one of the easiest methods of quickly fixing the damage done by an infiltration to your site. If you’ve been regularly backing up your site data, either to a plugin or by using some other method, you can simply overwrite your current site with that previous version’s information.
That being said, this option will not locate and seal any “back doors” the malware used to access your site, but it will effectively rid your site of any havoc the malware wreaked.
The only concern with this method is that restoring to a previous version will, of course, not include any changes or updates you’ve made to the site since you last backed up your site data. If backing it up is a habit, or you use a plugin that backs up your information daily (or more frequently), then this could be the perfect quick fix for you.
Of course, you’ll also need to understand the source of the hack, and seal that problem, otherwise your website will be prone to getting hacked again. Check whether any of your existing plugins has had a vulnerability disclosed and make sure you update to the latest version.
Make sure you also install a security plugin after you’re done from the restore.
- Scan and Remove the Malware
Regular maintenance is important with most things in life, and your website is no different. Any plugins or themes you use need to be regularly updated so that hackers can’t take advantage of old files to create back doors to your site.
Those back doors are how malware manages to sneak through and start making unwanted changes to your site. WordPress security audit log plugins can help you view any and all changes made to your site so that you can track down any that were unauthorized.
In addition to these security audit log plugins, you should always install a security plugin from WordPress that will continuously and regularly scan your site and remove malware. WordPress offers numerous plugins that can do so while also locating whatever back doors have been created so that you can manually remove those.
- Check User Permissions
This can be a telling way to check who has the ability to make changes to your site. If you notice any users that you don’t recognize, remove them. These were likely created by your hackers to give them access to tamper with your site.
STEP FIVE: Change Passwords
Once you’ve managed to rid yourself of the unauthorized presence on your site and have repaired any damage done, it’s time for the most basic security measure in the book: change your passwords.
Use recommended password generators to create something that others wouldn’t be able to easily decipher and make a note of it somewhere entirely separate for yourself. You’ll also need to change your secret keys and salts, but once this is done, your website is secure once again.
Having your website hacked can be scary, but damage done by a hacker can usually be repaired and your website secured. If you remain calm, follow the proper steps, and perform regular maintenance and security checks on your website, you’ll come out with a safe and secure site for years to come, and WordPress has more than enough tools and support to assist you.