You tried everything to keep your website safe from being invaded by hackers. But alas, your worst nightmare turned out to be true. Suddenly, one fine morning you woke up to find your website is hacked.
Panic is the first reaction which is expected when you first come to learn about your WordPress website hacked. The truth is that this is no time to panic and instead take matters into your own hands and do whatever is required to reclaim your site and let it function like before. Here’s a guide to successfully recovering from a hacked WordPress website, at the earliest.
Rather than pressing the panic button, the first thing which you should do is to change the admin password. By doing that you ensure that nobody is accessing your website during that time and you can concentrate on recovering the website.
For a WordPress website owner, along with the change in the admin password, a lot of other password changes are also required. That will revoke any active logins in your website using the old username and password. You should immediately change the server passwords, cpanel logins, FTP username and password and even the secret keys. Once all the password changes are made, you can log out, clear the cache and cookies and only then log in back.
While you are busy recovering your hacked WordPress website, put the site in maintenance mode. This is to be done to ensure that the visitors of your site do not encounter any issues like being redirected to a third-party site or accidentally clicking on ads which might contain malware.
You should next identify the backdoor via which you website might have been hacked. A backdoor is a method which can be created by a hacker which allows them to bypass normal authentication and access the server remotely.
There are both paid and free malware scanner WordPress plugins like Sucuri and Exploit Scanner which can help you detect a backdoor. Once you are able to find a backdoor fix it as quickly as possible.
The next best step would be to restore your WordPress site from a previous known safe copy. It might seem to be a lot of hassle and it might act adversely for sites whose contents keep on changing at a quick pace. However, if you analyze the situation properly, you can see that the pros outweigh the cons.
It would also be a better idea to dump the current database, do a fresh installation from the WordPress site and then performing a restore of the site. By following these steps, you can make sure that your core files are devoid of malware code.
Once the restoration is done, you should upgrade your site and again change all the passwords, FTP details, and server access information. When you are done with them, you can perform a complete backup of your website and its content.
If you do not have a backup of your site, the entire process becomes tedious and there still remain the risk of your site getting infected again. You can, in such circumstances, copy and paste as much content as possible in .doc file, delete the website content and repost the content fresh. In case your website caters to a lot of photographs, the only option left is to again upload those photos.