X

Select Your Currency

$ US Dollar Indian rupee
X

Select Your Currency

$ US Dollar Indian rupee
USD

Knowledge Base

HomepageKnowledge BaseGeneralAdvanced guide for the hacked WordP...

Advanced guide for the hacked WordPress troubleshooting

Mitigating the effects of a hack on a WordPress website calls for a well-defined procedure to recognize, control and rectify the impact of the hack. In this document, we provide an in-depth summary of all the measures you take:

 

 

  1. Take Immediate Action:

     

    • Put a “under maintenance” notice on your site to avoid causing further damage.

       

    • Replace every password related to your WordPress site. This includes FTP, Control panel, Wp-Admin, and Database passwords.

       

    • Inform your host regarding the breach immediately.

       

  2. Assess the Damage:

     

    • Use malware detection security plugins like Wordfence/Sucuri to scan your site for malware infestation.

       

    • Whether any changes or suspicious activity has taken place on your site’s files and database.

       

    • Log into your WordPress dashboard and check for any added users or admin accounts that were not authorized.

       

  3. Identify the Vulnerability:

     

    • Look through your logs to see how the hacker got in.

       

    • Make sure to upgrade all themes, plugins and the WordPress core to the latest version to fix any exploitable bugs.

       

    • Look into whether files are too open to changed or current programs are far too old.

       

  4. Check Modifications:

    • After saving the modifications, log out from cPanel Webmail and then log in again to check if the modifications have been implemented or not. You may check the time zone by observing the time stamps on the emails and any other time based functions in cPanel Webmail.

       

    • In case you do not see the option to modify the time zone in your Email Accounts setting, it is advisable that you consult the specific documentation of your host or get in touch with their support as this setting may not be in the same place for all cPanel configurations.
  5. Recovery:

     

    • Retrieve the site from the saved copy, please.
       
       
       
    • If not, you would need to clear the infected files by hand or hire someone to do it for you.

       

    • Post-recovery, all the passwords should be altered once more.

       

    • Let the site undergo an inspection and take it off any blacklists, if any, imposed by search engines.

       

  6. Preventative Measures:

     

    • Passwords should be complex and changed from time to time.

       

    • Set up a two-factor authentication to the administrators of the WordPress account.

       

    • Update WordPress version, Themes and Plugins at intervals.

       

    • Put in place security plugins such as Wordfence, Sucuri or iThemes Security.

       

    • Perform due diligence on your website to look for warning signs on any potential intrusion from third parties.

       

  7. Post-Recovery Audit:

     

    • Attempt to close the final gaps. Check whether there are some remaining doorbacks.

       

    • Review how individuals were bestowed rights and get rid of those that have no purpose, that are extraneous.

       

    • You may consider getting skilled services to conduct an extensive security check and fortifying your site’s protection.

       

  8. Educate Yourself and Your Team:

     

    • Do not forget to learn the new developments in attack vectors and defenses with regards to WordPress sites in particular.

       

    • Teach members of the team on the ways how to implement security measures and how to spot attackers or unusual behavior.

       

  9. Backup Regularly:

     

    • Draw up a schedule for making backups of the site files and the database and adhere to it.

       

    • Always keep copies of your site’s backups in a different secured place, away from your main web server.

       

  10. Consider Professional Help:

     

  • If there is moisture in the air, it alters perfectly white paper into grayish puddles and distort text on it.

     

  • In any concern including this, always employ the services of an IT security or WordPress cleaning services.

 

  • It is important to understand that there is no WordPress site that can be built that would not be hacked.
    Therefore, it is imperative to keep such a site current, install the appropriate firewalls, and have very strong passwords in place to reduce the chances of hacking that site in the foreseeable future.”

 

A number of services and technologies supporting deployment of personal or corporate websites and web applications on the Internet come together as web hosting.
 

 

Can't find the information you are looking for?

Create a Support Ticket
Did you find it useful?
(44 times viewed / 0 people found it helpful)

Top