How to recover and fix my hacked WordPress site / website?

Published by on March 25, 2016 10:20 am

30 Jul 2016 11:04:38

To recover and fix a website whether it is a Worpress one or not, first ensure that you have been really hacked as mentioned in Has my WordPress site – website been really hacked ?. Next take a backup of your website and without fail your database. Now you do not need to rush as there will not be anything worse for now.

  • Place a ‘Site is under maintenance’ page, so that your users do not get disturbed.
  • As we have already discussed, hackers use malwares in your local system to capture login credentials. Clean your local machine first. Do run an anti-virus and keep everything updated.
  • Again to confirm that you are not experiencing a service outage for your site, contact your hosting provider. Communicate with them to check if they can trace the reason behind the hack and how they can support the recovery.
  • Consolidate the required details: Login credentials for CMS login and hosting login/FTP login, all available backups and error logs. You should consider keeping this information together in a safe location which you can access quickly.

If you have a backup (without infections)-Its quite easy

  • Access your Cpanel / FTP and delete the contents of your root directory and upload the contents of WordPress folder from the backup which is without malicious content.
  • Delete the database and upload the database you have in the backup.
  • Make sure to change all the backend passwords such as Wp-admin, cpanel, FTP and database. Moreover communicate with the users of your website to change their passwords as well.
  • Remove the unused files or plugins from backup as well, which could have been a weak point used by the hacker to access your files.
  • Make sure to change the salt security keys in wp-config.php for your WordPress site. You can generate WordPress salt security keys here.
  • Upgrade to the latest version of WordPress and plugins.
  • Keep your wp-config.php file secure.

Recovering your WordPress site / website without a proper backup

  • Access your FTP/Cpanel to delete the old files and install a fresh copy of WordPress.
  • Collect all the uploaded files from the backup done after hacking. Add them to the wp-content folder.
  • Run a database upgrade by accessing your domain followed by /wp-admin/upgrade.php .
  • Ensure to change all the admin passwords and have strong credentials.
  • Run through all the posts to ensure that they do not contain any javascript or files which were injected by the hacker. Search for terms like ‘iframe’ ,’noscript’ and ‘display:’ in your blog content and delete them.
  • Install the plugins freshly using wp-admin.

You can also clean the corrupted backup with a malware scanner, clean the infected files and use them too. Ideally following the security practices would help you avoid future hacks. Though this topic mainly focus to fix hacked WordPress site, some broad ideas can be applied for other website users too.

If you get stuck in between or need support, feel free to contact us for support to recover and fix hacked WordPress site.

Leave a Reply

Your email address will not be published. Required fields are marked *