WordPress Site Hacked: Hacked Aftermath Guide

Hacked WordPress sites are common. Many attackers break in only to insert unwanted links into your pages (search-engine spam, usually hidden from human visitors). This guide explains how to detect such an intrusion, how to clean up after it, and how to make it harder to happen again.

WordPress itself can be secured well enough if you follow the appropriate standards and procedures. A little time spent on proactive steps now will let you recover from an intrusion into your WordPress blog or site with far less pain later.

How do you detect whether your website has been intruded upon?

  1. Use TAC (Theme Authenticity Checker): this plugin scans your theme files and reports encoded or hidden links and other code that has been injected into them.
  2. Review the source: open your pages in source (code) view and look for links you did not add. Injected links usually sit in the footer or sidebar and are hidden with CSS so that only search engines see them.
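The following script is an added example (not part of the original post) that automates the two checks above: it greps a theme directory for the patterns injected code usually carries, namely obfuscated PHP loaders and links hidden with CSS. It assumes a POSIX shell with find and grep -E; the sample theme it builds is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post: a quick scanner for the things
# injected into hacked WordPress themes. Assumes POSIX sh with find and grep -E.
# Usage:  sh scan-theme.sh /var/www/html/wp-content/themes/mytheme
# Without an argument it scans a constructed sample theme (built below).

# Patterns that almost never belong in a theme:
#   eval( / base64_decode / gzinflate / str_rot13  obfuscated PHP loaders
#   display:none / visibility:hidden               links hidden from visitors
# Treat every hit as something to inspect by hand, not as proof of compromise
# (a few legitimate plugins and themes use base64 or display:none).
SUSPECT_RE='eval[[:space:]]*\(|base64_decode|gzinflate|str_rot13|display:[[:space:]]*none|visibility:[[:space:]]*hidden'

# scan_theme DIR: print "file:line:text" for every suspicious line in the
# PHP/HTML/JS/CSS files under DIR. Always exits 0; callers count the output.
scan_theme() {
    find "$1" -type f \( -name '*.php' -o -name '*.html' -o -name '*.js' -o -name '*.css' \) \
        -exec grep -nHiE "$SUSPECT_RE" {} + || true
}

# count_hits DIR: number of suspicious lines under DIR.
count_hits() {
    scan_theme "$1" | wc -l | tr -d ' '
}

# make_sample_theme: constructed theme with one clean file and two tampered
# ones, so the scanner can be tried offline. Prints the directory it created.
make_sample_theme() {
    d=$(mktemp -d)
    mkdir -p "$d/inc"
    printf '%s\n' '<?php get_header(); ?>' '<h1><?php the_title(); ?></h1>' > "$d/index.php"
    # typical obfuscated loader dropped into an include (payload here is just "test")
    printf '%s\n' '<?php' 'eval(base64_decode("dGVzdA=="));' > "$d/inc/cache.php"
    # typical hidden spam link prepended to the footer
    printf '%s\n' '<div style="display:none"><a href="http://example.com/">cheap pills</a></div>' \
                  '<?php wp_footer(); ?>' > "$d/footer.php"
    echo "$d"
}

THEME_DIR=${1:-$(make_sample_theme)}
scan_theme "$THEME_DIR"
echo "suspicious lines under $THEME_DIR: $(count_hits "$THEME_DIR")"
```

Run it against each installed theme, then open every reported line; an eval(base64_decode(...)) in a theme include is a backdoor until proven otherwise.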

What are some common causes of a security intrusion?

  • Weak or reused passwords
  • Plugins and themes that are vulnerable or no longer maintained
  • File transfers over unencrypted protocols such as plain FTP, which send your credentials in clear text

How do you avoid being hacked again?

There are some simple, low-cost proactive steps that make your website harder to hack. A handful of these may be obvious:

Passwords

  1. Change passwords regularly, and immediately after any suspected compromise.
  2. Use a password generator (see Resources below).
  3. Use passwords of at least 14 characters that mix upper- and lower-case letters, digits and symbols.

Backup your WordPress site

  1. Back up your WordPress files and database frequently.
  2. Install a WordPress plugin that backs up your site on a schedule.
  3. Store backups off the server, for example on Dropbox; a backup that lives only on the compromised host can be altered or deleted by the intruder.
  4. SCM: keep your theme and configuration in Git or SVN and deploy from version control, so a known-good copy always exists and any change on the server can be diffed against it.

Utilize Secure Entry

  1. Transfer files with SFTP or SCP, never plain FTP.
  2. Log in over HTTPS.
  3. Force SSL for the login and admin pages so that passwords are never exchanged in clear text; in wp-config.php this is define('FORCE_SSL_ADMIN', true);.

Restrict Access

  1. Set restrictive permissions on sensitive files, above all wp-config.php, which contains your database password: it should be readable only by its owner and the web server (mode 440 or 400), never world-readable.
  2. Put an .htaccess password (HTTP Basic auth) in front of wp-admin. Do not password-protect wp-content as a whole: it holds your theme's CSS and JavaScript and your uploaded images, which every visitor must be able to fetch. Do block PHP execution inside wp-content/uploads, the one directory the web server must be allowed to write to.
  3. Store database dumps in a directory outside the web root so that neither visitors nor search-engine spiders can download them.
  4. Set unique secret keys and salts (AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY, NONCE_KEY and their _SALT counterparts in wp-config.php; https://api.wordpress.org/secret-key/1.1/salt/ generates a fresh set). WordPress mixes them into the hashes that protect login cookies and nonces, so nobody who does not know them can forge a session, and changing them logs every existing session out. They do not restrict which users may log in.
  5. Limit access to your MySQL database: bind it to localhost or firewall it so it accepts no external connections, and grant the WordPress database user privileges on the WordPress database only.
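Putting the Secure Entry and Restrict Access items into practice, as an added example that is not the original post's code: the script below rotates the secret keys and salts, sets FORCE_SSL_ADMIN (and DISALLOW_FILE_EDIT, which removes the theme and plugin editor from wp-admin so a stolen admin login cannot be used to edit theme files), puts HTTP Basic auth in front of wp-admin, blocks PHP execution in uploads and tightens file permissions. It assumes Apache 2.4 with .htaccess enabled and a POSIX shell with awk, find and tr; the htpasswd path and the sample wp-config.php it builds are assumptions for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post: apply the "Secure entry" and
# "Restrict access" items to a WordPress tree in place. Assumes POSIX sh with
# awk, find and tr, Apache 2.4 with .htaccess enabled, and a wp-config.php
# owned by (or group-readable to) the web server user.
# Usage: sh harden-wp.sh /var/www/html   (no argument: constructed sample tree)

# gen_salt: 64 random alphanumerics (safe inside a single-quoted PHP string).
gen_salt() {
    LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 64
}

# rotate_salts WPCONFIG: fresh value for every secret key and salt. Existing
# login cookies stop validating. Rewritten in place so permissions are kept.
rotate_salts() {
    cfg=$1
    for key in AUTH_KEY SECURE_AUTH_KEY LOGGED_IN_KEY NONCE_KEY \
               AUTH_SALT SECURE_AUTH_SALT LOGGED_IN_SALT NONCE_SALT; do
        awk -v q="'" -v k="$key" -v v="$(gen_salt)" '
            $0 ~ ("^define\\( *" q k q) { print "define(" q k q ", " q v q ");"; next }
            { print }' "$cfg" > "$cfg.tmp"
        cat "$cfg.tmp" > "$cfg" && rm "$cfg.tmp"
    done
}

# ensure_define WPCONFIG NAME VALUE: add define('NAME', VALUE); ahead of the
# wp-settings.php include (later settings have no effect) unless already set.
ensure_define() {
    cfg=$1 name=$2 value=$3
    grep -q "define( *'$name'" "$cfg" && return 0
    awk -v line="define('$name', $value);" '
        /wp-settings\.php/ && !done { print line; done = 1 }
        { print }' "$cfg" > "$cfg.tmp"
    cat "$cfg.tmp" > "$cfg" && rm "$cfg.tmp"
}

# lock_down_files ROOT: dirs 755, files 644, and wp-config.php (it holds the
# database password) readable by owner and group only.
lock_down_files() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
    chmod 440 "$1/wp-config.php"
}

# protect_admin ROOT HTPASSWD: HTTP Basic auth in front of wp-admin, not
# wp-content (which serves CSS, JS and uploads to every visitor). admin-ajax.php
# stays open because themes and plugins call it for anonymous visitors.
protect_admin() {
    cat > "$1/wp-admin/.htaccess" <<EOF
AuthType Basic
AuthName "WordPress admin"
AuthUserFile $2
Require valid-user
<Files admin-ajax.php>
    Require all granted
</Files>
EOF
}

# no_php_in_uploads ROOT: uploads must be writable by the web server, so
# make sure nothing dropped there can run as PHP.
no_php_in_uploads() {
    cat > "$1/wp-content/uploads/.htaccess" <<'EOF'
<FilesMatch "\.(php|phtml|php[0-9])$">
    Require all denied
</FilesMatch>
EOF
}

# make_sample_site: constructed tree with a stock-looking wp-config.php.
make_sample_site() {
    d=$(mktemp -d)
    mkdir -p "$d/wp-admin" "$d/wp-content/uploads"
    cat > "$d/wp-config.php" <<'EOF'
<?php
define('DB_PASSWORD', 'changeme');
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');
$table_prefix = 'wp_';
require_once(ABSPATH . 'wp-settings.php');
EOF
    echo "$d"
}

ROOT=${1:-$(make_sample_site)}
CFG=$ROOT/wp-config.php
rotate_salts "$CFG"
ensure_define "$CFG" FORCE_SSL_ADMIN true       # login and admin over HTTPS only
ensure_define "$CFG" DISALLOW_FILE_EDIT true    # no theme/plugin editor in wp-admin
protect_admin "$ROOT" /etc/apache2/wp.htpasswd  # assumed path; create it with htpasswd(1)
no_php_in_uploads "$ROOT"
lock_down_files "$ROOT"
```

The salt rotation deliberately rewrites wp-config.php through cat rather than mv so the file keeps its owner and mode, and the defines are inserted before the wp-settings.php line because anything placed after it is ignored by WordPress. Rotating the salts is also the first thing to do after a cleanup: it ends every session the intruder may still hold.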

Finally

  1. Update WordPress: keep the WordPress core updated, and your plugins and themes with it. Security releases fix publicly known vulnerabilities, and an outdated install is exactly what automated attacks look for; updating promptly will avoid future headaches.

What if my wordpress blog has already been hacked?

Most likely the intruder has added malicious links or code to your site, and cleaning up means removing everything that was altered.

  1. Preserve a copy of the compromised site first (theme files, the rest of the install and a database dump) before changing anything. It costs nothing, gives you something to compare your cleaned site against, and is the only record you will have of how the intruder got in.
  2. Recover as much as you can from your WordPress theme and, if you have a backup from a point you know was clean, restore from it.
  3. If you cannot restore from a clean backup, you must remove the injected code by hand, from the database as well as from the theme files.
  4. Reinstall WordPress: the core files may have been altered too. Reinstalling the latest version replaces them and picks up any security release that will save you future headaches.
  5. Then change every password (WordPress users, the database, FTP/SFTP) and set new secret keys and salts, since the intruder may still hold the old ones.

Resources

  1. GRC Password Generator: a secure random password generator; the page itself is served over HTTPS.
  2. Random Phrase Generator: if you need a password you can remember, use this tool, and add digits and mixed case to increase its complexity.
  3. WordPress documentation on security
  4. WordPress File Monitor plugin

Update: Thanks Jon Hoff for the tips