Despite the best security measures, a WordPress website can be hacked and, if it happens, it will surely affect your business. Maybe your site has just received some love from Google and the results of your hard work are beginning to show. If it gets hacked in that moment it can bring your site a few months back in terms of traffic and rankings.
You cannot completely prevent hacking, but you can fix the issues and restore your website to normal operation.
Today, with the help of one of our readers, we have created a quick guide where you’ll learn how to find out if your WordPress site has been hacked and, if so, what you can do to fix it. Let’s begin!
1. How To Tell If Your WordPress Website Has Been Hacked
First of all, you need to identify if your site has been hacked or not, and then move onto cleaning it up.
Sometimes it’s not very easy to see if and how a website has been attacked, but with some patience and by paying attention to some common signs you can have the information you need.
Here are some common signs that you have to look out for:
- The most prominent sign that your WordPress site has been hacked is when your homepage has elements that do not belong there or is defaced in any way. It may contain some text that you don’t recognize or links that you don’t remember putting there.
- Your site’s URL keeps redirecting to another destination.
- Whenever a user tries to access the site, the browser displays a warning of a security risk due to a malicious script running. These warnings are usually displayed on a red background like the image below.
- There’s a sudden surge or drop in your website traffic which reflects on your analytics report. You can also see a drop in search engine rankings with tools like SEMrush or Google Search Console.
- You cannot log in to your WP account, using your admin credentials.
- There are spam accounts created with the WP admin user login.
- You discover irrelevant files and scripts on your “wp-content” folder.
- The site is slow to load and unresponsive, due to an overload of HTTP requests. You can check your website’s speed with this tool by Google.
- The WP mail server is unable to send or receive emails.
Once you discover how and where your website has been hacked, you can move onto the clean-up stage.
2. How To Fix It
Step 1: Discover Hacked Areas
Run a WordPress scan to locate malicious code and check for any vulnerabilities in the root folder.
You can scan your site with diagnostic tools like Is It Hacked?, which helps you identify the current security status of your site. Or you can try the plugin Wordfence Security for WordPress. Both of them are free.
Alternatively, you can try to ask your hosting providers to run a scan for you and let you know if there is any problem. Not all of them will help you, but those who will, will give you a list with all the infected files.
In case you have multiple sites on the same server, it is recommended that you scan all of them to check for possible infections. To avoid other sites getting affected from your hacked site, you should isolate your websites from each other.
Step 2: Remove Malware and Cleanup
To remove the virus, you can either run a manual clean-up or use any of the WordPress security solutions (contact me for help). For manual fixing, you can address the core infected files (the “wp-config.php” file or the “wp-content” folder), the database tables and the custom files.
You also have to remove hidden backdoors, which most hackers use to enter on your WP account, in order to prevent further infections.
Step 3: Restore Data From Backup
After cleaning up the malicious code and files, you need to restore your site to its original / normal version. Keeping regular backups can help you with the restoration process.
If your site is supported by a reliable WordPress hosting provider, you can avail the benefits of daily backups of all your site’s files and resources, which are automated and don’t require any manual intervention.
Step 4: Update and Reset Configuration
To avoid reinfection and reduce chances of further hacking, you must update your WordPress version to the latest release, and also update all the plugins and themes.
You can manually update your WordPress version or ask your hosting provider to do it. You must also change the passwords across all access points and replace them with more secure passwords.
Step 5: Opt For Preventive Measures
Fixing a hacked site might not ward off the risk forever. Adopt measures like access control, reduced users, and advanced security tools. To run a secure site, you also need to relook at your hosting solution and opt for a more protected hosting environment, so as to prevent further chances of hacking.
We hope that this article helped you solve your website problems and informed you about the security threats that your WordPress site might face.
Do you have any other tips, experience or tools that you would suggest? Let us know in the comments below.