What to Do if Your WordPress Site Gets Hacked? Tips and Tricks for a Quick Fix.
One of the worst possible scenarios for a website owner today is getting hacked. If you have not thought about it in advance and have not protected your site using security plugins and other measures, you might be in serious trouble.
It is essential to recognize as early as possible that you have been hacked and to do your best to minimize the consequences. Of course, it is often obvious that something has happened and that the website is not working as it should.
On the other hand, it is challenging to understand what exactly happened, because not all hacks are the same. Still, there are some signs that indicate that something went amiss or that foul play was involved.
Signs Your Site Got Hacked
Unable to Log in
An undeniable sign that you have been hacked. The reasons for being unable to log in can be many, from not being able to remember your credentials to the account not being valid anymore due to an admin change or a hacker attack.
If you cannot log in, your account may have been deleted, and you have to be sure what caused the deletion in order to know what you should do next to get your account back and take control of the site once more.
Unknown Content on the Site or a Message “You’re Hacked”
This is another obvious sign that your site has been hacked. If your site doesn’t look the way you set it up, and if any additional text appears, things are quite clear. Your website is managed by someone else without your permission, which means only one thing, and that is – your site is hacked. Moreover, if you see the message “you’re hacked,” which says it all, then the only thing you can do is attempt to get control of the site back and recover your content.
The Site is Redirected Somewhere Else
One of the worst things that can happen is definitely redirecting from your site to another site, whether it is a competitor’s website or any other where you would never want your visitors to end up. It is crucial to take care of the server and get quality hosting in order to protect yourself from such situations where you are losing your visitors, your conversions are down in the dumps, and in the end, you’re losing profit.
Google Chrome is Showing a Warning
If Google Chrome displays a warning that your site has been compromised, it is very likely that a hacker attack is the cause. It is imperative to follow the warnings and diagnose what caused them as soon as possible.
Advertisements/Popups are Displayed
What can be a clear sign of an attack and can definitely damage your reputation with visitors is the display of advertisements, popups, and similar content that you did not put there yourself. Rather, you were simply someone’s target, and someone flooded your site with unauthorized content.
To make matters worse, it is even possible that these are hidden from you. A skilled individual could easily place additional ads and make them visible only to users who are not logged in. If this were to happen, you might not even be aware of it.
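One way to check for content that is shown only to logged-out visitors, as an added example that is not part of the original article: save the same page once while logged in and once from a private window, then compare the third-party hosts each copy loads resources from. The two HTML samples, the host names and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed samples: the same page saved while logged in as admin and
# from a logged-out (private window) session. All hosts are placeholders.
ADMIN_HTML = """<html><head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<link rel="stylesheet" href="https://fonts.cdn.example/css/site.css">
</head><body><img src="/wp-content/uploads/logo.png"></body></html>"""

ANON_HTML = """<html><head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<link rel="stylesheet" href="https://fonts.cdn.example/css/site.css">
<script src="//ads.injected.example/pop.js"></script>
</head><body><img src="/wp-content/uploads/logo.png">
<iframe src="https://banner.injected.example/frame" width="0"></iframe>
</body></html>"""


class ResourceHosts(HTMLParser):
    """Collect the hosts a page loads scripts, frames, images and styles from."""
    URL_ATTR = {"script": "src", "iframe": "src", "img": "src", "link": "href"}

    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        attr = self.URL_ATTR.get(tag)
        if attr:
            # Relative URLs have no hostname and are the site's own files.
            host = urlparse(dict(attrs).get(attr) or "").hostname
            if host:
                self.hosts.add(host)


def hosts_in(html):
    parser = ResourceHosts()
    parser.feed(html)
    return parser.hosts


def anonymous_only_hosts(anon_html, admin_html, site_host):
    """Third-party hosts served to logged-out visitors but not to the admin."""
    return sorted(hosts_in(anon_html) - hosts_in(admin_html) - {site_host})
```

Any host this returns that you did not add yourself is worth tracing back to the theme, plugin or database entry that emits it.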
How to Fix a Hacked Site
After realizing that your site has been hacked, what you do depends solely on what exactly happened and what needs to be fixed. WordPress is so popular and widely used today, but that doesn’t mean it is 100% foolproof.
The most important and, at the same time, the most difficult “task” is to stay calm, as the situation requires extreme composure, and you simply must not panic because it could affect the further course of the necessary steps to save your site.
Some of the typical steps after finding out that your site has been hacked include the following: reset passwords, update plugins and themes, remove redundant users, remove unwanted files, clean out the sitemap, reinstall plugins, clean out your database, and the like.
However, in the rest of the text, we will deal with the common, easy, and widely applicable ones.
1. The Free ERS Script
This is a WordPress script created to recover your WordPress site in the most critical situation, without the need to modify any files, code, or anything in the database. As this script is created to help you avoid reinstalling the entire site, it automatically saves you the added risk of losing data.
As we have stated, the inability to log in to your admin account is a serious problem, so the inability to access the admin panel automatically limits any plugin and its activation that you would otherwise use for recovery. This is where the ERS script comes in – a single file PHP script that requires no files or functions to recover your site.
Some of the situations where ERS script is useful are:
- Deletion, movement, or modification of any of WP core files
- Bad WP updates, which result in killing the site
- Unsuccessful login for any reason
- Loss of admin privileges
- Loss of all items and data
The ERS features a wide spectrum of tools, and each of them has its specific responsibility.
Here are some of them:
WordPress Information – Provides information about WP installation such as the location of wp-config.php, WP version, database access info, and much more.
Server Information – Provides information about servers that include PHP and MySQL versions and access to the phpinfo() function from where you can get more detailed server info.
Core Files – Checks every single core file and compares it with its original and warns you about any change made. ERS automatically downloads the original file when it detects a modified core file, so you can easily replace the modified one. It does not only check for core file modifications. It also detects files that do not belong to WP core files and lets you remove them very easily.
Reset WordPress – Provides a very fast and easy way to reset your WP installation completely. It actually resets your database to default values. It cleans all your data from the database, including all user accounts, but other files such as themes and plugins remain intact.
Snapshots – Provides a list of all the snapshots you have created for your site, if there are any, even those that are off-site, and even more, it allows you to restore any snapshot you want with the “Restore” option.
Plugins – This allows you to enable/disable any plugin you want, the same as you would do from WP admin, in order to be able to access your WP admin if you were not able to access it after you installed a bad plugin or plugin update.
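The idea behind the "Core Files" check described above, as an added example that is not ERS code: compare every file in the installation with a manifest of known-good digests and report modified, missing and unexpected files. The manifest format (relative path to MD5 hex digest), the SITE_FILES exclusions, the function names and the sample tree are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: per-site files that a core manifest never lists.
SITE_FILES = {"wp-config.php", ".htaccess"}


def audit_core(root, manifest, skip_dirs=("wp-content",)):
    """Compare files under root with manifest {relative path: md5 hex}.
    Returns sorted (modified, missing, unexpected). wp-content is skipped
    because themes, plugins and uploads are not core files."""
    seen, modified, unexpected = set(), [], []
    for path in Path(root).rglob("*"):
        rel = path.relative_to(root).as_posix()
        if not path.is_file() or rel.split("/")[0] in skip_dirs:
            continue
        seen.add(rel)
        digest = hashlib.md5(path.read_bytes()).hexdigest()
        if rel in manifest and digest != manifest[rel]:
            modified.append(rel)
        elif rel not in manifest and rel not in SITE_FILES:
            unexpected.append(rel)
    return sorted(modified), sorted(set(manifest) - seen), sorted(unexpected)


def write(root, rel, data):
    path = Path(root, rel)
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(data)


def demo():
    """Constructed sample tree: build it clean, tamper with it, audit it."""
    clean = {"index.php": b"<?php // sample index\n",
             "wp-login.php": b"<?php // sample login\n",
             "wp-includes/version.php": b"<?php // sample version\n"}
    manifest = {r: hashlib.md5(d).hexdigest() for r, d in clean.items()}
    with tempfile.TemporaryDirectory() as root:
        for rel, data in clean.items():
            write(root, rel, data)
        # Tamper: change one core file, delete one, add a stray file.
        write(root, "index.php", clean["index.php"] + b"// injected\n")
        Path(root, "wp-login.php").unlink()
        write(root, "wp-includes/cache.php", b"<?php // not core\n")
        write(root, "wp-config.php", b"<?php // site settings\n")
        write(root, "wp-content/plugins/x/x.php", b"<?php // plugin\n")
        return audit_core(root, manifest)
```

For a real site the manifest must come from a trusted copy of the same WordPress version and locale, not from the server being checked.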
2. WP Reset
The WP Reset plugin, as an upgrade to the ERS script described above, is also a solution. There are many reasons why someone would want to reset their WordPress page, including the case where the page has been hacked.
Performing these actions manually can be time-consuming and tedious. This plugin resets the entire site or selected parts to default values quickly and efficiently using advanced reset capabilities. Not only does it have the ability to reset your WordPress site both partially and completely, but it also offers many other great features.
Snapshots, as a significant feature of this plugin, represent a serious form of security. This feature plays a major role in learning about changes made to the database items by providing insight into custom tables that have been created, modified, deleted, etc. Snapshots can be compared to current database tables, restored or deleted, and it takes only 1-2 seconds to create a snapshot.
A good practice would be to create a snapshot every time you make any change to the site. More precisely, after you are done with a change, create a snapshot. That way, you will always have a fresh and updated snapshot stored, and you are secure if you lose your data/content, no matter what caused the loss.
So, if your site is hacked and you created a snapshot, just find the one you want to use and click “restore.” Soon enough, your site is just as it was at the time the snapshot was made.
3. Restore a Backup
A backup, which is actually a copy of your existing site, will help you get your site back very quickly if something unexpected happens. It is in a way similar to creating snapshots, so it is nothing complicated, but it is beneficial.
So, if you set up backups as a precautionary measure, then after the site has been hacked, restoring one is a necessary step to recover your page and return it to its old state, instead of starting from scratch and wasting precious time.
If the backup is in the same place as your site, you have fewer chances to benefit from that backup because it may be hacked as well. That is why it is recommended to store backups remotely, most preferably on a cloud.
4. Contact Your Hosting Provider
As another option for getting your site back, if you did not use the backup on your own, contact your hosting provider. In general, such companies have the practice to regularly create a backup of the sites they are providing the hosting for and thus ensure some kind of security.
If it really happens that you find a backup of your site with your hosting provider, this is an ideal situation, and you are ready to recover. Since it is an ideal situation, it is not common, so make sure to secure yourself as much as possible in order to avoid the situation where you are dependent on someone, in this case, your hosting provider, since they are not obligated to have a backup. It’s just a possibility.
5. Find a Company to Fix It for You
There are many options to look through when it comes to maintenance services. You could get a one-time fix or hire someone to do it constantly. However, this is too broad a topic to cover in this article. For more information about such companies and their prices, we suggest you consult this one.
Ensure This Never Happens Again
What happened once can happen again at any moment. Once you have recovered everything successfully and thought that everything is safer than before, there are always additional steps needed so that you do not find yourself in an awkward situation again. It is evident to everyone how much better it is to prevent than to recover, especially when it comes to something you invested a lot in.
Thanks to the plugins that WordPress offers to its users, it is very easy to do these steps. Let us just remind ourselves what a plugin like WP Reset can do for you, for example. This plugin will save you when in any trouble and save you time, money, and whatnot, and we all want to have something like that.
As important as it is to create a quality blog or site, it is just as important, if not more important, to choose a quality hosting provider because they actually hold your site in their hands. As in any other industry, not all companies that offer this service are of good quality and do not provide the same level of security.
So, it is very important to research in detail about the company’s reputation and choose the one that provides the best security so that even in case of an undesirable situation, they still have a backup available that will allow you to restore your site.
Another thing to keep in mind is to use security plugins. After all, the above is a logical sequence because security must come first. Since WordPress takes security very seriously, as well as other parameters, you are free to take your pick from a myriad of available options.
One of the plugins that offer the best protection for your website is Wordfence Security – Firewall & Malware Scan. This free plugin prevents you from being hacked by notifying you quickly via email when your site is exposed to a security issue or is simply compromised and also gives you the ability to have a real-time overview of traffic and hacking attempts on your website.
The premium version of the WebARX plugin is an ideal way to protect your site. This handy plugin not only prevents attacks on your site but also protects any PHP application, which can include WordPress, Laravel, Joomla, Magento, Drupal, and Symfony.
In addition, with this plugin, you will get a security overview of all your websites on one dashboard. So, WebARX is a security platform to protect all your sites, whether you are a digital agency, web developer, or freelancer who manages multiple sites.
Another great option is Security Ninja. This plugin is intended for anyone who wants additional protection for their site and wants to prevent attacks on it. Including everything you need for security, this plugin will provide you with protection with a firewall, a malware scanner, scheduled scans, security tests, and more.
So many useful things and a simple plugin are indispensable parts of protecting your site. As a protection plugin available for over 10 years, Security Ninja has protected thousands of websites so far.
WordPress itself is a secure platform, but today, absolutely no system can be said to be completely invulnerable, and caution and security are never enough. No matter what size it is, no matter which business it is, big or small, simply no one is safe or completely protected.
Trying to build a website in the best possible way always carries a certain risk. But that should not discourage you. What is a big advantage is the fact that there are many security plugins available for WordPress that can help you protect your site as much as you can. Using these plugins can save your work, time, and money but also protect you from unnecessary stress.
Let us remember that the ERS script we mentioned can help you when in dire straits, as well as the WP Reset plugin, so you should definitely think about getting them to protect your work. So, if you think you are completely protected, keep in mind that owning a website always carries a certain amount of risk, and you should always try to minimize it.