WordPress is one of the most popular platforms upon which to power websites of all shapes and sizes
It’s an open source content management system, which is part of the reason it’s so insanely powerful—there’s an entire, global community constantly building on it and improve functionality
But, the fact that it’s open source also means security vulnerabilities are a constant concern
A report by security research company showed that nearly 17,000 WordPress websites had been hacked in 2016
Sucuri also reported that 78% of reported hacked websites in the first quarter of 2018 were on powered by WordPress
This is not to say that you should avoid WordPress at all costs when starting your website, if fact, you should seriously consider it
But you have to be aware that there are risks when customizing, by adding plugins and themes
If you believe your WordPress website has been hacked it is important to remember there are many different things you can do to save your website
Make sure you’re really dealing with a hacked WordPress
There are many clues that can tell you if your website has been breached by a hacker or is infected with malware
We’ve come up with a checklist that will help you identify a hack:
Has Google or any other search engine blacklisted your website for being insecure (you can check this by going to Is My Website Penalized or Banned from Adsense to see your status)?
Do any illegitimate links or text appear on your website?
Are visitors being redirected to another website when they visit your WordPress website?
Does the “Red Screen of Death” appear warning visitors that your website has malware?
If you answered yes to any of these questions there is a good chance that your website has been compromised.
There are also many security plugins that you can use to scan your website for intrusions. Here are some of the best free plugins that we would recommend for your website:
All of these plugins give you the ability to scan your site for file changes and potential threats attacking your website. If you own multiple websites make sure to scan them all for malware, as one of the leading causes of reinfection is cross contamination
If you find that your website has been hacked it is important to remove the malicious code as quickly as possible
The longer your website is affected, the more your online credentials will be tarnished
If you have a daily backup service then your work is going to be easy, just go back to a version of your website before it was hacked
If you don’t have a backup, don’t worry there is still plenty you can do, but we do suggest getting some form of a backup service for any future issues
Protecting your WordPress website
Once you’ve removed malicious code from your WordPress website you’ll want to ensure that your website is not hacked again
The first step you will want to take is to update all of your plugins and other software, as out-of-date software is one of the leading causes of hacks
Next, reset all of your passwords just in case the hacker found their way in through one of your old passwords
Finally, if you can afford some extra security you may want to consider purchasing it or even upgrading to the premium version of a plugin you’ve installed
Another thing everyone should have for their website is an automated backup
An automated backup can make getting rid of a hacker much quicker by changing to a version you had before the hack
Bundling hosting, domains, privacy, and security
Into one low price for all our WordPress hosting packages
Tweet Share Pin Tumble Email