WHAT TO DO WHEN YOUR WORDPRESS SITE IS HACKED

A hacked website can be stressful, but with the right steps and tools, you can recover your site and strengthen its security to prevent future attacks. This guide provides a step-by-step recovery process and explains how Yogi’s VPS can assist you during this critical time.


Step 1: Identify the Hack

Symptoms of a Hacked Website

  • Your site is defaced or displays unwanted content.
  • Visitors see warnings about malware or phishing.
  • You notice unauthorized logins or changes.
  • Your site is redirecting to unknown URLs.
  • Google flags your site as compromised in search results.

Step 2: Take Your Website Offline

Prevent further damage by temporarily taking your site offline:

  1. Deactivate the Site: Use cPanel’s File Manager to rename your public_html directory (e.g., public_html_backup).
  2. Display a Maintenance Page: Create a simple index.html file with a maintenance message to reassure visitors.

Step 3: Scan Your Website for Malware

Use tools to identify malicious files or code:

  1. Yogi’s VPS Malware Scanner:
    • Log in to your Yogi’s VPS cPanel and access the Virus Scanner tool.
    • Scan your website files for malware.
  2. WordPress Security Plugins:
    • Install plugins like Wordfence or Sucuri Security to scan for infected files and malicious code.

Step 4: Remove Malicious Files and Code

Manual Cleanup

  1. Identify Infected Files:
    • Review malware scan results for flagged files.
  2. Restore Clean Backups:
    • If you have a recent backup, restore it via cPanel’s Backup Wizard.
  3. Remove Suspicious Files:
    • Use cPanel’s File Manager or FTP to delete unfamiliar or suspicious files, especially in directories like /wp-content/uploads, /wp-includes, and /wp-content/themes.

Reinstall Core Files

  1. Download a fresh copy of WordPress from wordpress.org.
  2. Replace the following directories on your server:
    • /wp-admin
    • /wp-includes
  3. Replace all WordPress core files except wp-config.php and the /wp-content directory.

Step 5: Reset Passwords and Permissions

  1. Change All Passwords:
    • Update passwords for cPanel, FTP, WordPress admin, and database users.
    • Use strong, unique passwords.
  2. Check User Accounts:
    • Log in to your WordPress admin dashboard and review Users. Delete any unauthorized accounts.
  3. Fix File Permissions:
    • Set file permissions to secure values:
      • Folders: 755
      • Files: 644

Step 6: Secure Your Database

  1. Check for Unauthorized Changes:
    • Log in to phpMyAdmin via cPanel and review tables like wp_users and wp_options.
  2. Change Database Credentials:
    • Update your database password in MySQL Databases in cPanel.
    • Update the DB_PASSWORD in your wp-config.php file.

Step 7: Update and Harden Your Website

  1. Update WordPress Core, Themes, and Plugins:
    • Install the latest versions of WordPress, all themes, and plugins.
    • Remove unused themes and plugins.
  2. Harden WordPress:
    • Disable XML-RPC:
      • Add the following to .htaccess:
Copy to Clipboard
    • Restrict access to the wp-admin directory using .htaccess or IP whitelisting.

Step 8: Scan and Monitor Your Website Regularly

  1. Enable Automatic Malware Scans:
    • Use the malware scanning tool provided by Yogi’s VPS.
  2. Install a Security Plugin:
    • Use plugins like Wordfence or iThemes Security for ongoing monitoring and alerts.

Step 9: Inform Stakeholders

  • Notify your users or customers if their data may have been compromised.
  • Provide guidance on resetting passwords or securing their accounts.

How Yogi’s VPS Can Help

1. Malware Scanning and Cleanup

  • Use the built-in malware scanner in cPanel to detect and remove malicious files.
  • Our support team can guide you through advanced cleanup procedures.

2. Backup Restoration

  • Yogi’s VPS offers automated backups that you can restore via cPanel’s Backup Wizard to roll back your site to a clean state.

3. Enhanced Security Features

  • Free SSL Certificates: Encrypt data and protect your site from man-in-the-middle attacks.
  • Firewall Protection: Yogi’s VPS includes server-side firewalls to block malicious traffic.

4. 24/7 Support

  • If you need assistance, our support team is available 24/7 to help recover and secure your website.

Step 10: Prevent Future Hacks

  1. Enable Two-Factor Authentication (2FA):
    • Install a plugin like Two Factor Authentication to add an extra layer of security.
  2. Schedule Regular Backups:
    • Use tools like Total Upkeep or cPanel’s Backup Wizard to automate backups.
  3. Limit Login Attempts:
    • Install a plugin to restrict login attempts and block brute-force attacks.
  4. Regularly Update Software:
    • Always keep WordPress, themes, and plugins up to date.

Conclusion

Recovering from a hack can be a daunting task, but with Yogi’s VPS tools and support, you can restore your website and enhance its security. By following this guide, you’ll minimize downtime, protect user data, and safeguard your site against future attacks.

For assistance, contact the Yogi’s VPS Support Center or reach out to our 24/7 support team.

By Published On: February 18th, 2015Categories: Domains, Support, Tips & TricksComments Off on WHAT TO DO WHEN YOUR WORDPRESS SITE IS HACKEDTags: ,

Share This Story, Choose Your Platform!