“My WordPress site was hacked” – The first thing you have to do is to be cool. This content was written to ensure you don’t take a wrong step and show your options for implementing a successful crisis management process. Once you see your basic options, you can draw a route.
Even if your site has been hacked – which you need to identify before doing anything else – that doesn’t mean everything is lost. So the next thing you need to do is determine if the hack happened and how it happened.
Password Forget Case: In this case, you cannot login. But your site is working. If you find that you are unable to log into your WordPress site, a hacker may have changed the password. But if you haven’t been on the site for a long time, you may have forgotten the password. If this happens, be sure to type in the correct password.
If Your Site Is Redirected To Another Location: Hackers often redirect to their own sites after accessing other people’s sites. If your WordPress site redirects people elsewhere, or there are suspicious links that you haven’t added, this could be an indication that it has been hacked.
If your site looks different: If you notice that your WordPress site looks completely different from what you left off, it could mean that you have been hacked.
Security Warning: Google may display a warning to let you know that your website may be subject to a security breach.
Slowdown: You may notice that the site is running much slower than usual; again, this could be an indication that a hacker is breaching security regulations.
Contacting Hosting Company
Once you know more about your suspected attack, the next thing you should do is contact your hosting company. Explain the situation to them and ask for more information about the next steps you should take.
In cases where your website is hosted on a shared server, you should be able to determine whether the hacker is accessing your WordPress site through another site on the same server. Your hosting company should investigate the issue for you and from there they should be able to provide you with information on how the violation came about. This may include where to find the backdoor accessing your site.
Returning from Backup
Restoring from an old backup means that the entire site will revert to that version. Any changes you made between the time you created the backup and the time your site was hacked will be lost. That’s why it’s so important to create backups regularly so that you can minimize any interruptions in case you need to restore your site after an attack. If you forgot to buy it, your hosting company may have a recent backup.
Outdated files can give hackers relatively easy access to a website. Once they have that access, they can create a backdoor that they can continue to leverage in the future. The most effective way to prevent hackers from accessing your site in this way is to keep your files properly updated.
Make sure you regularly delete inactive or outdated WordPress themes and plugins; this will give hackers less opportunity.
For security on your site, delete all plugins and themes, and reinstall them after logging in.
You can also reload WordPress core files after backing up your site and take extra security. However, this should be done carefully. It should be done calmly, led by a good guide.
Checking User Permissions and Changing Passwords
After you regain control of your site, restore it, and clean it from malware, you need to have complete control over who has access to it. You should make sure that only people who need administrative privileges have them.
Second, change all the passwords and security keys associated with your site. Also, make sure that they are properly strong and robust when choosing new passwords. You can take advantage of a password generator, it will help you create a combination powerful enough to fool any person who might be a hacker.