Suffering from a website hack can be one of the most frustrating things that can happen to you online. Even though WordPress is one of the most used CMS platforms in the world, it’s also very popular with hackers.
Here are some common signs that you might have been hacked:
- Unable to log in to your site – one of the common things that happen is you’re unable to log in at all
- Unusual content on your site or messages such as “You’re hacked” – it’s very common for this type of content to be shown on your site if it’s been hacked
- Redirection links are broken – when your site is acting weird and redirects you to some unreliable links and sites, that should be a heads up
- Google Chrome shows you different warnings – if your site and browser are showing you warnings about security or data breaches, that means your site is under attack
- Showing popup ads – if you didn’t set up ads or popup commercials by yourself, then this is a sign that you should check if your site has been hacked
How to Repair a Hacked Site?
Not all hacks are created equal, so the best thing you can do is try to understand how to solve these problems and get the proper help. Below you will find several steps and solutions that can be very helpful in the post-hack process.
Emergency Recovery Script
As much as we think that we’re experienced using WordPress (as users or administrators), unexpected problems can always happen. Your site getting hacked is one of the worst things that can happen. But, don’t worry! ERS is a tool that will help you solve your problem and get your site back on track. The ERS (Emergency Recovery Script) is a single-file and independent PHP script used to recover broken WordPress sites in all kinds of challenging situations.
This script runs completely separately from a WordPress installation and is easy to integrate. If you’re not able to use your site properly, or if your core files are corrupted, this script will help you gain administrator access to your website within minutes. In this situation (or any other that can cause a problem), this script gives you over 12 tools to help you fix this issue and enable successful login to the WP admin panel and restore your whole site.
Since this script can be used for almost all possible problems on your site, it consists of the following up-to-date tools.
This tool provides information about the WordPress installation. It includes wp-config.php location, WP version, database access details, and other relevant information. If you have a couple of WordPress installations on a single hosting package, with the help of ERS, you can easily identify the problem, its exact location, and thus, it’s easier to start the repair of a site.
This tool provides detailed information about a server, like PHP and MySQL versions. It also uses phpinfo() function to list as much detailed information as possible about the PHP environment.
This is one of the most important tools in the entire toolkit. What does it do? Well, it compares our WordPress core files with WordPress files found on wordpress.org. This comparison will report any changes to these files immediately. It can also find files that have been modified, and after that, you’re able to replace all the core files with just one click.
An important thing to remember is that this tool scans only WordPress core files. This means that if you have malware or any other type of malicious code on your site, this tool will be able to detect it in the core files but not in any other ones.
Resetting WordPress is one of the most powerful tools you get. However, it should be used with caution because this tool will reset and delete your database (along with the user accounts and information). Therefore, it’s a good practice to create a new admin account to access your site and continue to work. If you want to reset your WP installation, you should use WP Reset PRO instead of ERS. WP Reset offers lots of additional options and is more convenient to use.
Use this tool to create a new admin account, where you need to enter only new credentials (username, password, and email), and you’re done. This is perhaps the most important tool that ERS offers. The process is straightforward, and it doesn’t require FTP or phpMyAdmin information in order to create a new account. The only thing that you should look after is that the username and password are not already in use on your WP installation.
If you decide to change WP’s site address, it can cause a lot of trouble and problems with logging in. The problem also occurs if you try to change HTTP to HTTPS without a valid certificate. Regardless of the situation, with ERS, you can easily change both URLs and fix your site.
This plugin is one of the most popular plugins available on the market for saving your WordPress website. It comes with loads of features and options for creating a backup of your website along with the previously mentioned Emergency Recovery Script. The inner workings of WP Reset are simple – it creates and saves snapshots of different versions of your site (along with the database) that you can always access and restore should the need arise.
Another good thing about this plugin is that you’re completely free to test out new functionalities and plugins on your site without any risks of losing structure or data on your site.
Here’s a list of several unique features that got you covered:
- Recover a destroyed site without a backup – if you accidentally delete files or add a bad file to your site’s folder, this plugin will recognize it, notify you, and recover your site in a few clicks
- One-click rollback of a bad plugin update – if you update one of the plugins you have, and something goes wrong, you can roll back to your previous working version of a site by using automatic snapshots
- Testing changes a plugin did to the site – when you activate a new plugin to test and experiment on your site, WP Reset automatically takes a snapshot first and makes sure you have the last working version available if something goes wrong
- Restoring the database – with WP-CLI support, WP Reset version, WP Reset snapshots, undo actions, control cloud storage, etc., you’re able to save all of your data and always have a backup to use if things go wrong.
Restore a Backup
The first recommended thing to do when you’re starting your website is to create a backup. What is also highly recommended is to create a backup before making any changes. That way, you’ll still have access to all website content and your files in case something goes wrong. You can simply use the Backup & Restore option in the control panel and restore your site with just one click.
You can also use some manual options to ensure you have a working backup of your site. On the other hand, if you already have a backup, now is a good time to use it. Even if you have a working backup, keep in mind that your site may have been hacked before the backup was created. If that’s the case, you’ll most probably need to remove malicious content manually.
To check whether your site was hacked before the backup was created, compare the date the backup was created with the date the infected files were last edited. This is the most common way to check, but keep in mind that hackers sometimes manipulate the date a file was changed.
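The date comparison above, including the case of a manipulated modification date, can be sketched like this. It is an added example, not part of the original article or of any plugin mentioned here; the file names and backup times are constructed, and it assumes a POSIX filesystem where `st_ctime` is the inode change time.

```python
import os
import tempfile
import time
from pathlib import Path


def classify(path, backup_time):
    """Place one known-infected file relative to the backup's creation time.

    Assumes a POSIX filesystem, where st_ctime is the inode change time: the
    kernel sets it whenever content or metadata changes, and utime()/touch
    cannot set it to a chosen value.
    """
    st = os.stat(path)
    if st.st_mtime > backup_time:
        return "after_backup"      # edited after the backup was taken
    if st.st_ctime > backup_time:
        return "mtime_untrusted"   # claims to be older, but changed since
    return "before_backup"         # backup very likely contains this file


def backup_verdict(infected_paths, backup_time):
    """The backup is only a clean-restore candidate if every file is 'after'."""
    states = {str(p): classify(p, backup_time) for p in infected_paths}
    usable = all(s == "after_backup" for s in states.values())
    return usable, states


def demo():
    """Constructed files; backup times are offsets from the current clock."""
    now = time.time()
    with tempfile.TemporaryDirectory() as tmp:
        fresh = Path(tmp) / "injected.php"
        fresh.write_text("<?php // constructed sample\n")
        backdated = Path(tmp) / "old-looking.php"
        backdated.write_text("<?php // constructed sample\n")
        # Simulate a manipulated timestamp: mtime pushed 30 days into the past.
        os.utime(backdated, (now - 30 * 86400, now - 30 * 86400))
        hour_ago, hour_ahead = now - 3600, now + 3600
        return {
            "fresh": classify(fresh, hour_ago),
            "backdated": classify(backdated, hour_ago),
            "older_than_backup": classify(fresh, hour_ahead),
            "usable": backup_verdict([fresh, backdated], hour_ago)[0],
        }


if __name__ == "__main__":
    print(demo())
```

A permission change, a restore or an update also moves the change time, so `mtime_untrusted` means the modification date alone cannot settle the question, not that the file was tampered with.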
However, one of the most reliable things to do is to install the WP Reset plugin, where you get all possible options for creating a backup and restoring your site within minutes. This plugin also offers many tools that can help you protect your site from potential problems like this.
Check Your Hosting Provider
The hack may have affected more than just your site, which is a really common situation if you’re using shared hosting. It’s worth asking your hosting provider what your next step should be in solving this situation. If some unusual activity was detected in your hosting plan, the hosting provider will be able to confirm it. One of the most serious issues that can happen involves your email: email blacklisting.
What happens here is that Email Blacklist authorities are flagging the website’s IP, and those IPs are usually associated with the same server which is being used for the email. In this situation, the best thing you can do is to look at email providers (Google Apps, for example) if your online business and presence depend on it.
Find Maintenance Services
Finding the best service that will take care of your site and help you out when a problem comes up isn’t that easy. Many of these services offer similar or identical things, while price and specific options may vary. Keeping your site up to date and maintained all the time can be a long, time-consuming process. A maintenance service will take care of your site and, at the same time, serve you as a backup.
Having this type of service can help you solve all the problems if your site gets hacked in two possible ways: they will try to fix your problem immediately, or they will restore your whole site from a backed-up version. Based on 50 top companies (which you can find listed here), the average price is $71, with one-time fixes being priced at $83 on average.
Depending on the type of service you want and options you get, prices may vary, but repairing the damage by yourself will cost you much more in the long run.
How to Prevent Future Hacks?
After you successfully managed to restore your site and access your WordPress dashboard, it’s important to know how to protect your site from potential future hacks. Regularly checking your plugins and themes is the first step in securing your site. Go through all of your installed plugins and themes and remove the ones you barely use or don’t use at all. You should also check plugins and themes that you do use daily to check if they are still maintained and up to date.
Furthermore, if you see that a plugin hasn’t been updated recently, or at all during the last year, you should look for an alternative. Another action to improve your site’s security is to check WordPress users and passwords. It’s common for hackers to create their own users to gain access to your WordPress dashboard.
A good practice is to go through the list of users and remove any users that you don’t recognize. An additional thing you can do is change passwords for all users and notify them about the change.
However, the best thing you can do is have a plugin, such as WP Reset, that will take care of your site in any possible situation. Another thing you should pay attention to is also having a good hosting provider and their services. Sometimes your site can be affected by a malicious attack if your hosting provider is poorly secured.
Using security plugins is also one of the possible ways you can increase the security of your site. Having a paid security plugin may also have more advantages than the free one. WebARX is a website security platform that helps you protect your site and monitor all of your websites on a single dashboard. We highly recommend it if you want your site to be safe at all times.
If you want a free alternative, there are a couple of options. Wordfence Security is a free security plugin that includes an endpoint firewall and malware scanner that easily detects any malicious IP addresses and keeps your site safe. Another free yet powerful tool for website security is Security Ninja, which runs 50+ security tests instantly and discovers issues that you didn’t even know existed.
Constantly updating and maintaining your website and online presence is not easy, especially if your site is not secure enough. Among all listed above, we can highly recommend you use the WP Reset plugin. The Emergency Recovery Script comes included with the plugin. With this plugin, you’re fully secure and prepared for any type of problem that can happen. Also, having an additional website security tool is no mistake and can only increase the overall security of your site.