Your WordPress Website Was Hacked: What Now?

Your Website Was Hacked

It's going to be okay, and you are not alone

 

Your WordPress website was hacked! Something is VERY WRONG on your site. Changes are appearing that you didn’t initiate. Mysterious new users are appearing unexpectedly, or unusual links for “stock market tips” or the “cure for baldness” are showing up in your footer or sidebar.

At worst, your website is completely disabled and vandalized.

Why Your WordPress Website Was Hacked

Here are three reasons your website was probably targeted for attack.

  1. The attacker makes money via your website. If your site gets good traffic, he/she will use those eyeballs for clicks on spammy links. These attacks usually leave your website looking very normal, with just small changes here and there. This is because ideally the site owner should not notice the changes, lest they fix the infection. All the while this generates some income for the attacker.
  2. Your site had a large security vulnerability. When opportunity knocks, a malicious attacker is going to exploit your server. If they can get a backdoor set up (the ability to do what they want with your webhost account), they will then use it for whatever purposes they please. Generally this is sending spammy emails, a low-converting but real revenue source.
  3. The hacker actively dislikes your company (or you). When the motive isn’t money, it’s probably personal. This type of attack is aimed at destroying your data or bringing your site and server completely to its knees. As revenge tactics go, disabling your website for hours or even days is highly stressful and costly. It’s truly an attack on your livelihood!

How Your WordPress Website Was Hacked, Probably?

The #1 offender is a vulnerable third-party plugin. WordPress Core has a team of developers that puts out constant releases as new security vulnerabilities are found. As of WordPress 4.8 the security of Core is quite good. The components that do not get that intense scrutiny, though, are the themes and plugins – even those found on the official WordPress Plugin directory listings.

This makes every theme or plugin on your system a potential vector for attack. Anything that accepts file uploads (slideshow scripts, contact forms, etc.) is potentially dangerous. Those that store data in the database — and this is most things really — can also be troublemakers.

You must use the absolute minimum number of themes and plugins on your website. It is imperative that you keep them updated, especially for major security fixes. If you love your thirty plugins and you don’t want to listen to me, here is another developer who can scare you straight about too many plugins.

Very often a vulnerability with just one plugin title is found, and hackers set out scanning the web to find sites that are using it. So just having a piece of software installed can put you on their radar. It sucks, but them's the breaks.
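Keeping the plugin count low and the versions current starts with knowing exactly what is installed. The script below is an added example, not part of the original post: it reads the header comment WordPress itself uses to identify a plugin and flags anything older than a known fixed release. The plugin names and the "fixed in" version are constructed sample data.

```python
import re
import tempfile
from pathlib import Path

# WordPress identifies a plugin by a comment header in its main PHP file.
HEADER_RE = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):\s*(.+?)\s*$", re.M | re.I)

def read_header(php_file):
    """Return the header fields found in the first 8 KiB of a PHP file."""
    text = php_file.read_text(errors="replace")[:8192]
    return {key.lower(): value for key, value in HEADER_RE.findall(text)}

def version_key(version):
    """Turn '2.1.4' into (2, 1, 4) so versions compare numerically."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def inventory(plugins_dir):
    """Map plugin folder (slug) -> (name, version) for each plugin folder.
    Single-file plugins placed directly in plugins_dir are not covered."""
    found = {}
    for php in sorted(Path(plugins_dir).glob("*/*.php")):
        meta = read_header(php)
        if "plugin name" in meta:
            found[php.parent.name] = (meta["plugin name"], meta.get("version", "0"))
    return found

def needs_update(found, fixed_in):
    """Slugs whose installed version is below the first fixed version."""
    return sorted(slug for slug, (_, ver) in found.items()
                  if slug in fixed_in and version_key(ver) < version_key(fixed_in[slug]))

def demo():
    # Constructed sample install: two made-up plugins in a temporary folder.
    with tempfile.TemporaryDirectory() as root:
        for slug, ver in [("example-slider", "2.1.0"), ("example-forms", "5.0.3")]:
            folder = Path(root, slug)
            folder.mkdir()
            header = f"<?php\n/*\n * Plugin Name: {slug}\n * Version: {ver}\n */\n"
            (folder / f"{slug}.php").write_text(header)
        found = inventory(root)
        # Constructed advisory data: pretend example-slider was fixed in 2.1.4.
        return found, needs_update(found, {"example-slider": "2.1.4"})

if __name__ == "__main__":
    found, stale = demo()
    for slug, (name, ver) in found.items():
        print(f"{slug}: {name} {ver}" + ("  <-- update needed" if slug in stale else ""))
```

On a real site, point `inventory()` at the `wp-content/plugins` folder and fill the `fixed_in` map from the security notices for the plugins you actually run.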

What Happens Now?

After your WordPress website was hacked, you will need a good web developer to assess your website’s condition and attempt recovery. If backups are available, that will help considerably to avoid data loss.

Your website may have ended up on blacklists (ouch) or with the “Get Me Out Of Here!” warnings in search. Your developer will take the necessary steps to get the site off those lists.

Lauren Grey is a freelance developer who can help you if your WordPress website has been compromised and needs a thorough unfugging. She can clean up your site and get it off the warning lists. Contact ASAP if your website has been hacked and we’ll get it back up for you.
