What to Do if Your WordPress Site Gets Hacked



Lock Chains

With WordPress being the most popular CMS platform on the web, the likelihood of your WordPress website becoming a target of malicious attacks is huge. Still, despite the fact that hacking of WordPress is a common occurrence, there are always ways to avoid it.

If you’ve unfortunately become a hacking victim by the time you’re reading this article, there’s no need to be discouraged. We will show you what you can do to prevent this dreadful event from happening, as well as how you can recover your WordPress website in case the hacking already took place.

As with everything in life, there are usually multiple solutions to every problem, and your website is no exception to this rule. In other words, not all hope is lost, so just take a deep breath and read on.

Why Does It Keep Happening and How Do They Do It?

We’ve already established that the sheer popularity of WordPress platform makes it an attractive target for hackers. That being said, you should know that the popularity of your own website does not bring you more risk. In fact, more often than not, these attacks happen simply because there is an opportunity for the hackers to do so. They usually become aware of these opportunities through automated means.

Namely, most hackers use bots that check the web for any vulnerabilities, and if your website pops up on this list, it means there is an opening that allows them to hack it. Most common ways of breaking into a WordPress site are through a vulnerable web hosting platform, via an insecure theme or a plugin, or because of weak passwords – so better secure your website right on time.

As for the gains that the hackers get, there are plenty. Some of them include possibilities of obtaining bank account info, redirecting visitors from your website to other sites, contaminating your visitors’ computers with viruses and other malware in order to acquire information, and so on.

How To Stop All This From Happening?

Just because there is a high risk of getting hacked, it does not mean that it should end up happening to you. Bellow we will list some of the suggestions that can help you keep your WordPress site hacker-free.

  • Pick a solid hosting platform – One of the actions that can fortify your website by a long shot is to hire a hosting platform capable of withstanding hacking attacks. This is why you should aim to find a hosting service with a trustworthy reputation when it comes to security. Also, ensure that your provider of choice has a reputation of having a solid support for platforms such as WordPress. We recommend going for Bluehost or Dreamhost.
  • Make sure that your WordPress is always up to date – By providing your WordPress with regular updates, you can get two birds with one stone. Not only do you get new features and essential improvements to the code, but also improved security compared to that of the previous version. Therefore, you should make sure your WordPress site is always up to date, as it can greatly reduce a risk of hacking. That being said, we advise you to install updates manually in order to avoid the breaking of your site.
  • Take care of your themes and plugins – Just as it’s important to keep your WordPress up to date, the same rule applies to its themes and plugins. Another thing that you can do to lessen the possibility of being hacked is to uninstall every theme and plugin you are not using and that aren’t completely necessary for your website to have.

    This should go without saying, but checking your theme and plugin source, especially if they’re free, can also go a long way in keeping your platform safe and more immune to hackers overall.

    With all this being said, we do recommend installing a security plugin to give your website extra protection from malicious attempts – having more security is never a bad thing, after all.

  • Change your table prefix – WordPress comes with wp_ as a default table prefix that is well-known in hacker circles. In order to make it tough for them to figure out your database table names, you should change your database prefix to something more complex.

    Changing your table prefix is possible during the WordPress installation, but in case you already have a website, there are plenty of guides on the web that will help you do it easily and quickly.
  • Use strong passwordsd – We cannot stress the importance of using strong passwords for every account that is related to your WordPress site. The best strategy for doing this is to use a password generator or WordPress password strength meter.

    Aside from making certain that your passwords are resilient enough to withstand hacker attacks, you should also change your passwords from time to time. In addition, you should refrain from leaving your username as admin. Of course, it goes without saying that you should password protect the admin directory as well, as this is one of most the commonly attacked areas.

What To Do If You Got Hacked

So, you’ve applied all of the preventive measures above, but for some reason you got hacked anyway. Or even worse, the hacking had already occurred before you could take any precautionary actions to begin with. Whatever your case may be, here are some steps that you can take in order to minimize the damage.

Hacker Mask

  • Find out how the attack happened – Before you do anything else, you should try to figure out where and how the successful hacking attempt took place. First, see if you’re able to log into your admin area and examine all existing WordPress users. Pay special attention to whether any new suspicious user role has been added. Also, take a look at the list of plugins that you have installed, and if they’re all being used and updated. Make sure to do this both from your WordPress dashboard and from the /wp content/plugins/ directory. This also applies to the theme that you’re using (/wp content/themes/). Keep in mind that there should only be one theme installed, and if you’re also using a child theme, there should be two directories.

    Some additional things you can do are to check if your website is being redirected to another source, if there is a sudden appearance of any illegal links, as well as if Google has already marked your website as unsafe.

  • Let your hosting provider know – In case you find yourself in these unfortunate circumstances, most of the good hosting companies will give you adequate help and advice on how to proceed from here. Provided that your website is located on a shared server, they should also be able to give you answers on how the attack occurred in the first place. If, for some reason, your hosting provider isn’t able to offer you any solutions, then we recommend hiring a professional.
  • Clean the hack – If you want to remove your hack manually, you should restore a previous version of your website first. Then, change the passwords for all users and services, and double-check the user role list to verify that there are no false users. Make sure to update your WordPress, themes and plugins, as well as all the other tools that you use for your website.

    After you’ve done all these, create a backup first, then proceed with deleting any leftover malicious code. During this process, it’s important to note that you scan through your website so as to prevent it from breaking down due to the deletion of the code.

What to do after removing a hack?

Congrats! Your website is now free of any malware and is up and running once again. You shouldn’t relax too much, however. Just because you’ve removed all the threats does not mean that your website is immune to any new intrusions. That’s why you should build a meticulous security plan for your website’s longevity. And no matter what, remember that maintaining your website’s safety is a never-ending battle.


This blog post was written by a guest author/contributor. If you'd like to write or submit a guest post for JaypeeOnline, please check out our guest post guidelines page for more information on how you can share your knowledge with our readers.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.