Learn and resolve compromises in this way. A sudden surge in traffic – hackers sometimes use websites attacked by hackers as sites full of malicious code and clean wires to mark sites. To avoid spam detection, link to a domain and redirect visitors to another site. If you find an unexplained surge in traffic, it is recommended that you perform a malware check. Although the list is incomplete, it involves many methods to identify whether the site has been hacked. If suspicious, run a security check. But what if something is found? This is what we want now. The
So the WordPress website was hacked. What are we going to do now? Next, we will first provide some general suggestions for dealing with hacker websites. Then, we will understand the various situations we may face and provide a step-by-step approach to solving the problem. 1. calm down the best thing you can do in this situation is to keep calm. It is natural to solve the problem as soon as possible, but hasty action may help control the situation and cause a lot of harm. Therefore, the first order of the day is to take a deep breath, relax, analyze the situation, and then take action. In this way, you can make a game plan and get a reasonable opportunity to deal with the situation without worsening the situation. The
2. please back up the rest. It doesn’t seem intuitive to back up the sites attacked by hackers, but remember that they contain much more content than (damaged) system files. As mentioned earlier, some hosting providers will automatically delete damaged websites on the server. Once images and other media disappear, they are difficult to replace, so it is recommended to keep copies in case the site needs to be rebuilt in the future. To do this, try to construct as much as possible in the first step. There are many backup solutions for WordPress, and you can also backup WordPress manually. Perform this operation, but it must be clearly displayed as a hacker backup. The
3. if the local computer is scanned more, the hacker may actually start from the computer. If a hacker damages the system, the hacker may reach a website that users often log in to (for example, through a key logger). To do this, install and run a full virus \/ malware check on the local system and ensure that the operating system is up to date. This ensures that the problem does not occur on the computer and reduces the risk of re infection after cleaning up the mess. 4. the website security of experts is a serious problem. If you’re not used to handling code, servers, and other technical tasks, it might be better to hire someone else. The
Hackers are also a group of cunning people. Sometimes they hide things in multiple places to clean up and reset hackers. Therefore, paying experts to manage the site may be the best choice, and it can often save time. Of course, in order to like the people who do it themselves, there are a lot of information below. Remember, it’s optional to let someone else deal with this mess. 5. in the case of contact with the custodian company, the first address must always be the custodian company. Quality providers can help with this emergency. We also understand the hosting environment and have employees who can solve problems. The
In addition, the host will pay attention to hacker attacks, because hackers may affect multiple sites. Especially in the shared hosting environment, if someone accesses the server without authorization, the same system may damage more websites. At the very least, you can get more information about how to solve the problem by talking to the host. 5. regularly restore the site from backup
If you back up to (I know this is necessary), recovering from a hacker attack is as simple as restoring to a previous version. The problem here is that the content created and published after the backup may be lost. In this case, the advantages and disadvantages should be weighed. If you think you’re going to lose a lot of things, it’s best to try and clear the hackers manually. Now let’s talk about this. The
If the back-end is still accessible, how can I recover the website of a hacked WordPress site from being hacked, but still access the WordPress dashboard? In this case, solving the problem is too complicated. 1. if you suspect or know that the password change website is attacked by hackers, the first thing to do is to change the password. This will prevent people who have illegally obtained your login information from logging in again. This is an important first step, although incomplete (in fact, the password change will be required again below). Then do it now. I’ll wait for you. The
During drawing, allow all other users with administrator rights to change their passwords. The expire passwords plug-in can replace this operation. You can also change the password manually from the user menu and then email the new password. 2. after the malware check, we want to find out exactly where the damaged files on our website are located. The first step in removing hidden points is to remove inactive themes and plug-ins. This is usually where hackers hide a backdoor (a program that allows users to access a site or server without regular authentication). The
Then it’s your turn to scan the entire site. To do this, you can use the Sucuri malware scanner plug-in. After installation, you can check the integrity of all WordPress core files and find out whether the site has been blacklisted due to spam or other reasons. If you do not want to use the plug-in, the following is a list of external scanners for this purpose. As mentioned earlier, the Google search console may contain information about where to find corrupt files. 3. if malicious code is found in the file of the replacement site, take the damaged file as the original file. The simple solution is to delete the file and replace it with the original (not hacked) version. For example, you can install a new word press core file and replace it without damaging the site. As long as the WP content folder remains unchanged, everything must return to normal. In fact, the easiest way is to reinstall word press inside the dashboard. The same is true for theme and plug-in files. Of course, if you just add a file, you must delete it. 4. verify that the WordPress user role exists. It is used to control the operations that can be performed by anyone on the site after login. Administrator privileges can only be granted to their own users and people who are explicitly trusted. Therefore, it is recommended that you check the user menu after hacking and check whether there are any suspicious items such as administrator users. 5. Salt change (secret key) salt has been mentioned in the report on how the WordPress website was attacked by hackers. A secret key that helps to encrypt important information inside cookies. If someone visits your website after stealing your password, they may still log in. Create a new salt and WP config. You can replace salt in the PHP file and change it. This occurs on the server, so FTP access or other methods are required. 6. change your password again yes, I know you have changed your password at the beginning. But now it’s time to do it again, including other important things. Host manager backend credentials FTP
You may want to talk to them anyway. 5. after the end of the hacker attack, the website security should be strengthened according to the steps mentioned above, and everything lost in the process should be repaired. Change the user permission confirmation password WP config. Rebuild the secret key replacement site inside PHP, but this is the default. Through the above steps, you can restart the WordPress site invaded by hackers. I hope it won’t happen again. Although it is annoying to be attacked by hackers, this is not the end of the world. It is not a pleasant experience for WordPress website to be attacked by hackers, which is not what any of us would like. But it also happens at our best. If the worst happens, I hope this guide will help us understand the situation and return to normal. If the above information is not enough to re manage your website, please hire an expert without hesitation. If the website is part of the livelihood (like many people), it is a reasonable investment. After that, please strengthen the security and fix the vulnerabilities found in the process. You will be grateful in the future. Is there a problem with the hackers’ WordPress website? How? Are there any additional tips for people in the same location? Please let me know in the comments section below!
