How to Know If Your Site Got HackedNo matter which popular Control Management System (CMS) you are using – WordPress, Drupal, Joomla, etc. – any of them can get hacked. Often times, WordPress users panic that their site has been hacked because their site is not responding or getting spam comments. Some users even go as far as paying WordPress specialists thinking that they need help recovering their site. However, many users struggle to figure out if their website is having technical problems or if it has, in fact, been hacked. But, it doesn't have to be difficult to determine if the site has been hacked. There are some common signs of a hacked site, such as:
- Unnecessary pop-ups appearing that were not added
- The site is automatically getting redirected to other spammy websites
- The website freazes continuously
- Displaying unwanted text in the footer or header that wasn't implemented
- Auto-linking of keywords to other external websites
- You received a notice from your hosting provider that you are doing something malicious
Step 1: Identify the Hack and Change Your PasswordIt is very stressful work to fix a hacked WordPress site if you are not tech-savvy, but it is not as hard as you think. The first thing you need is to keep calm and address some questions to help you pinpoint the problem:
- Can you access your WordPress admin panel?
- Has Google marked your website as insecure?
- After login, is your website redirecting to another website?
Step 2: Contact Your Hosting Company’s Support TeamMany beginners commit the first mistake by choosing a poor hosting company. Selecting a good web hosting company will take care all of your security concerns. Many good hosting providers are really practical in these type of circumstances. Their support staff has dealt with these sorts of problems many times before, so they should be fully equipped to help with that. Pior to doing anything yourself, contact your web hosting provider and follow their guidance. As I mentioned before, if you are using a cheap web hosting provider that doesn’t provide any security features, you also can't see if a hacker gained access to your website through another website on your server. With a good hosting company, your hosting provider can oftentimes provide insight into how the hack started and spread. Also, there's a good chance they can inform you where the backdoor to your website is and from where the hackers discovered their method. Your hosting provider may be able to fix your hacked website. If not, then choose another option below.
Step 3: Scan Your Website with a Security Tool/PluginIf you don’t update your WordPress theme or plugins regularly, there's a possibility that hackers might use out-of-date files to access your WordPress website. Once they're in, they can create a backdoor to quickly gain access to your site in the future. That's why it's so crucial to have a good WordPress security plugin installed on your site, so you can track any changes made to your site in real-time. I recommend the Wordfence security plugin. It is a freemium plugin, and it works great. This plugin has many premium security features i.e. web application firewall, malware scanner, real-time traffic measuring, country blocking, and much more. Read How to Choose a WordPress Security Plugin that is Right for You here.
Step 4: Restore Your WordPress BackupIt’s a good practice to back up your WordPress site daily. In case your site crashed or got hacked, you can restore the previous version from the backup. But remember: you have to restore a version before your site got hacked. When you restore a backup, you will get all files of your site as of the backup date. That means you will lose those changes that were made after the last backup. Inconvenient, yes – but it is better to have a clean website instead of a malicious one. After restoring your site, you can manually remove any file, plugin or theme that causes the problem.
Step 5: Check Your Users' Permissions
Step 6: Change WordPress Security Keys