No one wants to find themselves in a situation facing a hacked WordPress website, unless you’re into that sort of thing, which in that case, you do you. And frankly, no tone really expects themselves to actually be in that situation, let alone taking steps to recovering from it.
So that whenever a person does get hacked, you can bet your bottom dollar that the first thing that happens is — panic ensues.
Well, hackers hack, and for one reason or another, your website could be next. I say it’s best to be prepared for the worst, and altogether avoid the panic that’s sure to follow.
To start things off, make sure you perform the basic WordPress security actions just to make sure your website is on the safe side. You can never foolproof your website entirely, but going through the security steps in this article, you should be good to go.
Even though your hosting provider might provide you with backup/restoration service alongside hosting, you should always go for a separate backup solution as well. Some good examples are :
- UpdraftPlus WordPress Backup Plugin
Now that you’ve secured your website (to the best of your abilities), as the title of this article suggests, you might be here after your website has already been hacked. Let’s see some of the security and recovery steps that you can take if that’s the case.
Your best bet in receiving useful and trustworthy assistance is through your website’s hosting company. But, before you ask them for help, it’s better to identify where things might have gone wrong for your website, just to make it one step easier for the hosting company’s support.
Here are some of the more obvious telltale signs of a hacked website:
- Not being able to log in your WordPress admin
- Finding illegal/fishy links spread across your website
- Your website getting blacklisted by search engines (Google, Bing, etc.)
- Getting redirected to a different website when entering your website’s URL
If you notice any of these signs, start preparing an incident report. Even though the next step is to report to your website’s hosting company, an incident report will significantly reduce the time it takes for the support team to help fix your website.
You can start by documenting the exact day and time when you first started noticing abnormal behaviors on your website. The nature of the weird things happening to your website, which you might have identified from the signs mentioned above. But most importantly, a detailed documentation of all the latest changes that you’ve done to your website, i.e. what new plugins you’ve installed, any changes or modifications to your themes, widgets, and other elements.
Contact your hosting provider
When your incident report is ready, it’s time to contact your hosting company and let them know exactly what’s what. If you’re with a hosting company that knows their stuff this is exactly the sort of thing that they are specialized in fixing.
This is a crucial step since having a professional helping hand guiding you almost always yields better results than you trying to battle things out on your own. Chelsea Brown from Digital Mom Talk raises similar points to this saying:
“The most important thing for you to do after your website is hacked, is to contact the hosting service and make sure they know what’s going on. That is part of what you pay them for, if not then it needs to be corrected immediately. Hiring a professional company to monitor your site is always essential, and a crucial way for you to be able to make sure that your site is protected and professionals are there to defend against attacks on your website.”
A good hosting company that provides its own dedicated support team will provide you with whatever’s necessary to help you get to the bottom of your situation. They can, and should also help you identify the origin of the hack that’s affecting your website, as well as any vulnerabilities that are still active.
Restore your backups
Once you’ve notified your hosting company, it’s time to restore things back to normal. You need to use your backup systems to restore as many files as you can back to their pre-hacked state.
Some hosting companies such as Fastdot offer backup services, which would work wonders for your hacked website.
Although, be aware that just restoring the website from a previous backup still leaves the security hole open and as such you need to make sure you are securing your website to the best of your ability.
A good security tool to prevent some future hacks is WordFence
First, there’s the backup service that comes packaged alongside your hosting. Backup on your hosting level allows you to revert your entire website to a specific restore point in the past. Reverting all changes done to your website after said point.
Not every hosting offers this, but a restoration service such as the one that you get hosting on Fastdot, is super important, especially if your website ever ends up getting hacked. Since the restore service automatically creates restore points every 10 days you can rest assured that even in a worst-case scenario you can safely rollback your website to an earlier state.Having a reliable backup service is crucial to getting your service back online asap. The last thing you need is for word to go around regarding your website’s hacked status, which is why it’s essential your website is returned to a functional state as quickly as possible.
After this step, depending on how the conversation goes with your hosting company and the fixes they apply to your website, there are a few more things that you can do to make sure your website’s safe and clean going forward.
Next, you’d want to scan your website for malware.
You can do this easily with a WordPress plugin or service.
Start your security procedures with a vulnerability scanning. If you have already set up regular scans, just look for the recent results. If not, start scanning now and see if there’s anything else wrong with your website.
You’ll lucky if you’ve started using the service before your website got hacked. It means that all changes have been logged and you can now view them from your 10Web dashboard. The security service allows you to track and reverse any change made on your website.
Make sure to install it now, before anything has happened, so have a safe version to restore. Any irregular behavior will be reported after scans. That will help you detect attacks at an earlier stage.
To stay safe in the future, go through this article about 14 ways to secure your website.
Check website users and user permissions
How much do you trust the other users of your website? Even when they don’t intend any malice, are you sure they won’t leave their laptops unsupervised with the website open?
Make sure you only allow users to make the changes they are responsible for. A blog editor doesn’t need access further than the text content of your blog.
Double-check all permissions, limit them if necessary, and take some time to train all users on cybersecurity.
If you have an open registration form for users (e.g. to submit guest posts), never allow them to make even the slightest change without your approval.
Change passwords for all users on the website
Regardless of the permissions, any account on your website can be hacked, including both your admin account and all kinds of user accounts.
Make sure to change all of their passwords to avoid new attacks.
You should feel safer now!