Suffering a website hack on your WordPress site is a frightening experience that can leave you feeling distressed and violated. Although your first reaction may be to panic, the best course of action is to take a deep breath and continue forward with a tempered and pragmatic approach. This way you can move beyond your website’s issues with the smallest amount of impact possible.
You may wonder, why has this happened to me and what did I do to deserve this? Hackers attack randomly, so try not to take it personally. You may be surprised to know that people are trying to hack into your website most of the time. This may lead you to wonder what goes on in the mind of an attacker. Some are motivated by political or religious reasons, but most do it for profit or see it as a challenge.
How do I check if my site has been hacked?
Most of the time, hackers don’t want you to know that your website has been compromised because they want to use it unnoticed for as long as possible. However, if you are now staring in despair at a defaced version of your website, where you can see a bold notice exclaiming that ‘XYZ has hacked your website’, then there can be no doubt that your site is no longer under your control.
Secondly, your web hosting provider may contact you about the increased amount of disk space you are suddenly using. This will be down to the excessive bandwidth your attacker is consuming without your knowledge.
A sudden drop in website traffic can also be cause for suspicion. The reason for this is that your site may have been blacklisted by one of the major search engines or flagged for distributing malware; therefore, nobody will want to visit it.
Finally, check your admin panel. Have new, unfamiliar users been created without your knowledge or authorization? Your website visitors may also alert you to the fact that their antivirus software is warning them to stay away from your site.
Types of Hacks
Defacement – As mentioned above, changing the visual appearance of your website by disfiguring it is the most obvious form of hack. Activists attack sites to display conflicting views or beliefs. Sometimes attackers simply do it to show off their superior hacking skills, which can bring corporate websites down for days. A pseudonym or hacker code name can usually be located on the web page that has been defaced.
Malware – If a site is hacked, malware can be installed in order to steal personal information or financial data, or to spread further viruses.
Malicious Redirects – Have you ever browsed to a site and then been immediately redirected to an unwanted web page prompting you to download an innocent looking piece of software? This could be a result of a malicious redirect, due to a hacked site. Make sure you don’t hit that download button because those files are often infected with a virus.
Backdoor – A backdoor bypasses the usual login and authentication methods, giving an attacker the ability to remotely access your website’s server without being detected. Backdoors can be hidden in themes, plugins or within your WordPress wp-config.php file.
Pharma – If the search results for your site are suddenly looking more like the perfect place to purchase medications, then it may have been subject to a pharma hack. The results of this type of attack are only visible to search engines, and the aim is to get valuable links from high ranking web pages.
Phishing – Once a hacker gains access to your site, your web page can be replaced by a phishing site, hoping to trick the next unsuspecting visitor into providing them with valuable credentials or financial information.
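Because a pharma hack shows its spam only to search engines, one way to spot it is to compare the page a browser receives with the page a crawler receives. The following is an added example, not part of the original article; the function names, the watchlist words and the sample HTML are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

class _LinkText(HTMLParser):
    """Collect outbound link hosts and visible words from an HTML page."""
    def __init__(self):
        super().__init__()
        self.hosts, self.words = set(), set()

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            host = urlparse(dict(attrs).get("href") or "").netloc.lower()
            if host:
                self.hosts.add(host)

    def handle_data(self, data):
        self.words.update(re.findall(r"[a-z]{4,}", data.lower()))

def cloaking_diff(browser_html, crawler_html, own_host, watchlist):
    """Report links and watchlist words that only the crawler copy contains."""
    seen = {}
    for key, html in (("browser", browser_html), ("crawler", crawler_html)):
        parser = _LinkText()
        parser.feed(html)
        seen[key] = parser
    extra_hosts = seen["crawler"].hosts - seen["browser"].hosts - {own_host}
    extra_words = (seen["crawler"].words - seen["browser"].words) & set(watchlist)
    return {"hosts": sorted(extra_hosts), "words": sorted(extra_words),
            "cloaked": bool(extra_hosts or extra_words)}

# Constructed sample pages: the crawler copy carries an injected spam link.
BROWSER_HTML = ('<html><body><h1>Garden blog</h1>'
                '<a href="https://example.com/about">About</a></body></html>')
CRAWLER_HTML = BROWSER_HTML.replace(
    "</body>",
    '<div><a href="http://cheap-meds.example.net/">online pharmacy pills</a>'
    '</div></body>')
WATCHLIST = {"pharmacy", "pills", "prescription"}  # assumed spam vocabulary

if __name__ == "__main__":
    print(cloaking_diff(BROWSER_HTML, CRAWLER_HTML, "example.com", WATCHLIST))
```

Feed it the same URL fetched once with a normal browser User-Agent and once with a search-engine crawler User-Agent. Injected code that keys on something other than the User-Agent will not show up this way, so also check how your pages appear in actual search results.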
As you can imagine, if your site is hacked, then there are likely to be ramifications.
Your hosting provider may suspend your site if hackers are suddenly using way too much bandwidth or disk space. Getting blacklisted from search engines, or seeing the message ‘This site may have been hacked’ in search results, is also no fun.
A drop in SEO is also likely due to far less traffic, and your company’s revenue may also take a nosedive. Lastly, you may lose clients and your valuable reputation as your site is no longer viewed as a viable place to visit.
How to Proceed
If you are a technically savvy DIY WordPress developer and want to try resolving your hacked website yourself, then the process is as follows:
- Take back control of your site – Remember that there are various ways that attackers can take over a website. Regaining control of your website may not be an easy process as hackers may try to lock you out.
- Prevent further attacks by securing your site – To determine how your site has been broken into you may want to think about what happened just before the attack took place. For example, did you install a new theme or plugin? You should look for any ‘back doors’ that have been put in place by hackers to use in the future.
- Remove unwanted content – Delete improper content that has been put on your site. Be aware that this can be a very long and laborious process, depending on the attack.
- Reinstate appropriate content – You may be able to restore your site from a recent backup but bear in mind that the hack might have occurred some time ago.
- Monitor your website to prevent further attacks – Naturally, you will want to keep an eye on your website, and it is also advised to scan your computer for viruses, as sometimes your laptop or PC can also be involved in the hack.
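A first pass at the ‘back doors’ step above can be automated by walking the WordPress directory and flagging PHP files that sit in the uploads folder, contain typical obfuscated code-execution calls, or were modified around the time of the attack. This is an added example, not code from the original article; the signature list, the 14-day window and the sample site are assumptions, and a hit is a lead to review by hand rather than proof of compromise.

```python
import os
import re
import tempfile
import time

# Heuristic signatures (assumed for this example): code execution fed by
# decoded blobs or by request parameters, a common shape for PHP backdoors.
SUSPICIOUS = re.compile(
    rb"(eval|assert|system|passthru|shell_exec)\s*\(\s*"
    rb"(base64_decode|gzinflate|str_rot13|\$_(GET|POST|REQUEST|COOKIE))",
    re.IGNORECASE,
)

def scan_wordpress(root, recent_days=14, now=None):
    """Return sorted (relative_path, reason) findings for PHP files under root."""
    now = time.time() if now is None else now
    cutoff = now - recent_days * 86400
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith((".php", ".phtml")):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if rel.startswith("wp-content/uploads/"):
                findings.append((rel, "PHP in uploads"))
            with open(path, "rb") as fh:
                if SUSPICIOUS.search(fh.read(2_000_000)):
                    findings.append((rel, "suspicious code execution"))
            if os.path.getmtime(path) >= cutoff:
                findings.append((rel, "recently modified"))
    return sorted(findings)

def make_sample_site(root, now):
    """Write a constructed sample tree: (path, content, age in days)."""
    sample = [
        ("wp-config.php", b"<?php define('DB_NAME', 'wp'); ?>", 400),
        ("wp-content/themes/demo/functions.php",
         b"<?php @eval(base64_decode($_POST['x'])); ?>", 3),
        ("wp-content/uploads/2024/01/img.php", b"<?php echo 1; ?>", 90),
        ("wp-content/plugins/ok/ok.php", b"<?php echo 'hi'; ?>", 200),
    ]
    for rel, body, age_days in sample:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)
        os.utime(path, (now, now - age_days * 86400))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_site(tmp, time.time())
        for rel, reason in scan_wordpress(tmp):
            print(f"{reason:28} {rel}")
```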
WordPress Malware Removal Services
Recently acquired by GoDaddy, Sucuri offers a complete security package that can be purchased on a yearly basis for $499.00 via monthly subscription. Their package includes website hack repair, removal of security warnings, future hack prevention and ongoing detection and monitoring.
Site cleaning services from Wordfence (the famous creators of the WordPress Security Plugin & Firewall) cost $199.00. This price covers deleting any malicious code and getting your site removed from where it is blacklisted. They also throw in an in-depth report, plus a handy checklist to prevent your site from any further attacks.
This company offers an acclaimed WordPress malware removal service which starts at the rather heady price of $497 per hacked site. This package includes WPSecurityLock Perimeter Protection, implementation of strong passwords, removal of malware from your site, deletion of malware warnings from the major web browsers plus some other useful services. You also have the option of moving your site to another host for an extra $200.
The staff at WP Fix It offer a one-time purchase at $87, which includes removal of all infected files, a detailed scan of your website, security enhancements and blacklist removal if required. Their service runs 24/7, which is definitely a plus.
Last but not least, the specialists who work at Fixmysite.com offer thorough malware cleaning of your site, elimination from blacklists and security improvements, all for the competitive price of $79. A live chat service is available and you can also ask for a free assessment of your site.
The world would unquestionably be a better place if unethical hackers didn’t exist. However, as you now know there are many ways that your site can be attacked and used for devious purposes.
Moving forward, one of the best types of defense against these attacks is to ensure that you back up your site on a regular basis. You should also harden your website’s security, a task that can easily be overlooked by webmasters and business owners. In the event that you are hacked, keep calm and follow the right steps; a hacked WordPress site can be recovered in no time.