If you have never experienced a security breach with your WordPress installation, then you're one of the lucky ones. Website security should be of paramount importance to every WordPress website administrator, no matter how big or small your online empire may be. That means ensuring not only that your site is a safe place for people to visit, but also that any data stored within your WordPress installation is safe from prying eyes. Being hacked can leave a bad taste behind, but all isn't lost if it should happen.
Have You Been Hacked?
There are many scenarios that would suggest your WordPress installation has been hacked, or is at least under attack from malicious nasties. These scenarios may include (but are not limited to):
- Unrecognised links appearing within your site that lead to unsavoury locations.
- Your users are complaining of receiving spam emails from your WordPress website.
- Receiving spam warning notifications from your web host or server provider.
- Your website as a whole has been replaced with a new website (and content).
- Your .htaccess file has been modified and now contains unrecognised configuration commands.
- Your (usually speedy) website has slowed down, with no significant increase in traffic.
- Strange advertisements have appeared on your WordPress website or within its content.
- Browsers show an alert message informing users that your website is malicious or dangerous.
- None of your website's emails are being delivered, or they are bouncing back to you.
- Hidden code or scripts are visible within the source code of your website.
- Any of the detection tools listed below reports that your website has been hacked.
- Your WordPress website redirects to an external URL.
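Two of the signs above, a modified .htaccess file and redirects to an external URL, can be checked together. The following Python sketch is an added example, not part of the original article: it lists every .htaccess directive that is not part of the stock WordPress rewrite block and names any external host that directive points to. The baseline block (a single site at the web root), the function name and the sample file are assumptions; directives written by caching or security plugins will also be listed and need a manual look.

```python
import re
from urllib.parse import urlparse

# Assumption: the rewrite block WordPress writes for a single site at the web root.
STOCK_BLOCK = {
    "<IfModule mod_rewrite.c>", "RewriteEngine On", "RewriteBase /", "</IfModule>",
    "RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]",
    r"RewriteRule ^index\.php$ - [L]",
    "RewriteCond %{REQUEST_FILENAME} !-f",
    "RewriteCond %{REQUEST_FILENAME} !-d",
    "RewriteRule . /index.php [L]",
}
URL_RE = re.compile(r"https?://[^\s\"'\]]+", re.I)

def audit_htaccess(text, own_hosts=()):
    """Return (line_no, directive, external_hosts) for each line to review."""
    own = {h.lower() for h in own_hosts}
    findings, in_wp = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        line = " ".join(raw.split())  # normalise indentation and spacing
        if line in ("# BEGIN WordPress", "# END WordPress"):
            in_wp = line == "# BEGIN WordPress"
            continue
        # Skip blanks, comments and unmodified stock lines inside the block.
        if not line or line.startswith("#") or (in_wp and line in STOCK_BLOCK):
            continue
        hosts = {urlparse(u).hostname or "" for u in URL_RE.findall(line)}
        findings.append((no, line, sorted(hosts - own - {""})))
    return findings

# Constructed sample: one extra rule inside the block, one redirect after it.
SAMPLE = r"""# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteRule ^shop/ https://cdn.example.org/go [R=302,L]
</IfModule>
# END WordPress
    Redirect 302 /blog http://www.example.com/blog
"""

if __name__ == "__main__":
    print(*audit_htaccess(SAMPLE, ["www.example.com"]), sep="\n")
```

Run it against a copy of the live file and against the copy in your last clean backup; a directive that appears only in the live file is the one to investigate first.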
Do Not Use Nulled Products
The use of illegal nulled products is a dangerous game to be playing, especially if you value your WordPress installation. Premium WordPress themes and plugins prefixed with the word nulled shouldn't ever be trusted, no matter how tempting it may be. Always be very cautious if premium products are offered for free, otherwise your journey may become an expensive adventure.
These nulled products usually have been obtained with stolen credit cards or hijacked PayPal accounts by fraudulent users who then make the products available for free. Nulled products are notorious for containing malware and can immediately begin spreading their infection to your users.
You should ask yourself a question before installing a nulled item: in what way does a hacker benefit from releasing commercially available products for free? Even just visiting a website that offers nulled items could infect your computer and, provided you're using detection software, the site should be flagged as a suspect website to be visiting. It's simply not worth the hassle.
Fixing a Hacked Website
So what can be done if you believe your WordPress installation has been hacked? We'll now outline a few tips and approaches you can take if your WordPress website has been hacked, in order to clean the site up and prevent it from being hacked again in the future.
Speak To Your Webhost
First things first, get in touch with your webhost or server provider to inform them of your attacked website. The attack may not be limited to just your installation if you're on a shared hosting plan. Professional hosting providers who deal with these attacks on a daily basis will be able to confirm whether you are indeed the focal point of an attack, and what your next step should be. Many hosts may be willing to do all the work for you by restoring your website from a recent backup.
Removing Inactive Items
Hackers may be using your inactive WordPress plugins and/or themes as a backdoor to your WordPress installation. Removing these inactive items could help secure your WordPress website from future attacks and may even aid you in fixing your hacked website. Almost all professional webhosts also offer an automated backup service that may be able to restore your files for you.
Restoring a Backup
If your webhost didn't have a backup of your WordPress website, hopefully you had the foresight to keep a regular backup of your WordPress installation yourself. Restoring a WordPress installation from a recent backup is well-documented and can also be carried out by automated software, like one of the popular WordPress backup plugins listed later in the article.
Increasing your WordPress website's security isn't as difficult as you may think. There is a wide range of protective measures, security products and services at your disposal that you can deploy in no time at all. Spending a small amount of time making use of the available detection and protection tools could save you a great deal of time in the long run.
Sucuri Security (Free)
Harden your WordPress website with ease using a series of security features from the Sucuri Security plugin. It offers protection in no fewer than seven vital areas, including audit logging, file integrity, malware scanning, blacklist monitoring, and a series of hardening measures with integrated notifications. The plugin even offers effective Post-Hack actions that will aid you in retrieving a hacked website, which could be invaluable after you've been hacked.
Wordfence Security (Free & Premium)
Wordfence is a comprehensive security suite that offers a series of vital components to help you secure your WordPress installation.
- WordPress Firewall protects your WordPress website by identifying malicious attacks and traffic before they reach your site.
- Real-Time Blocking features will block attackers instantly upon detection.
- Login Security allows you to add two-step mobile login verification to significantly improve the security of the administration area / dashboard of your WordPress website.
- Security Scanning will observe and scan your installation files and installed WordPress themes and plugins for changes and integrity.
- Monitoring Features allow you to monitor traffic, DNS changes and DDoS activity in real-time.
- Multisite Security enables you to harden your entire WordPress Multisite installation.
- Caching Features allow you to keep your disk and database activity to a minimum.
Additional support and enhanced features are also available to Premium users of the Wordfence Security plugin, with single key prices starting from $75 per annum.
BulletProof Security (Free & Premium)
The BulletProof Security plugin allows you to strengthen your WordPress website in a variety of ways. The Pro version is the complete tool for logging, monitoring, hardening and securing every element of your WordPress installation, which is available for a one-off payment of $60.
Keeping Your Website Up-to-Date
Ensuring that your WordPress installation, WordPress themes and WordPress plugins are up-to-date is a must. With recent improvements made by the WordPress core developers to the update process, it usually shouldn't take much to get everything updated. Checking for relevant (security) updates on a regular basis should be a part of your daily administration routine.
The UpDraftPlus plugin is a trusted and comprehensive tool that provides a backup & restoration service, including integration with a variety of cloud-based storage providers, like Amazon S3, Dropbox and Google Drive. Backup Guard is another comprehensive plugin that allows you to not only back up your website, but to also duplicate, migrate, clone, and restore your backups with ease.
Conclusion: Fixing Hacked WordPress Websites
Trying not to sound like Captain Hindsight, preventative measures against malicious attacks should be high on your priority list as a WordPress administrator. There is a plethora of WordPress security plugins at your disposal that can be implemented in just a few moments and that will not only help you strengthen your installation, but also aid you in recovering your website after an attack. Provided you stay calm and act quickly the moment you discover you've been attacked, you should be able to fully restore your site with the minimum of downtime.