Have you ever seen a message like this when you go to your domain?
There are hackers all over the net, some malicious and some not. I’ve worked on sites that got hacked and during my cleaning up of all the malware the site gets hacked again. So here are some steps you can follow in order to clean up any infected malware on your site.
From our experience we can say that most malware gets injected into your .htaccess file or the header.php of your current theme. If you use a parent/child theme the injection is usually in the child theme.
- Bring Down the Site
Bring it down temporarily and replace it with a 1 page site that says the site is down for maintenance. This prevents anyone else getting infected.
- Run Virus Scan
The injection may have put things on your computer so its a good idea to make sure you are safe.
- Change Passwords
Change them for FTP (server), MySQL (database), and WordPress. If you can change the usernames for any of those that will also be a good thing.
- Change WordPress Secret Keys
This is also known as the “salt” which needs to go into your wp-config.php at the root of your site.
- Delete the “admin” Account
Delete it and replace it with something else. Most sites contain an admin account so a hacker could assume you used admin as a username and then they just need to figure out the password.
- Clean Up Files
Specifically check htaccess and header.php. Read this article for a tip on how to prevent injection to htaccess. Look for any code that shouldn’t be in there and get rid of it. Here are a few other articles from us on htaccess.
- Install Login Limiter
This plugin will prevent Brute Force attacks.
- Change passwords
Yeah I know this is the second time we are telling you to do this.
- Google Analytics
We assume you already use them but in case you don’t, you need to.
- Back Online
Put the site back online for all of us to enjoy.
- Re-crawl/Re-index your Site
Login to your webmaster tools in Google and any other search engines you have tools with and have them re-crawl your site.
The WordPress codex also has something to say about getting hacked.
That should take care of it however there are other things that you can do in order to protect your site. Each theme should always have plenty of preventative scripts to guard your site. This site was what to do if your WordPress site gets hacked but remember an an ounce of preventative care if worth a pound of troubleshooting.
If you need help getting your site back online or just want to make sure its protected, contact us and we can get your squared away.
By: Eric Wargo
on Oct 28