Let me know if this sounds familiar:
You're enjoying your day & you're knocking out a ton of things off your plate when you get an email (or text) that your website is looking WTF crazy.
You head on over to see what the drama is about and you notice that your site looks completely out of wack. You try to log in but you can't get access. Your heart starts to race, your mouth goes as dry as the desert, you feel a lump in your throat, your mind is racing as though it's in a marathon, and your imagination begins to join in.
More than likely, you got hacked (possibly even hijacked) and are now locked out of your website. You've lost everything you worked so hard to pull together — or did you.
How Do You Know If You Got Hacked?
Let's start this off right and get this out of the way: WordPress is a secured piece of Open-Source software out the gate.
It's usually the added themes and plugins that introduce security issues and too many people are not maintaining them hence leaving their websites exposed.
Unfortunately, it's probably just a matter of time before your website gets ‘jacked & is compromised in some way—if not properly protected & managed. The important thing to do is to implement as much security as you can, be prepared, and know what to do in advance in case your site gets ‘jacked anyway. You've worked so hard to build it, launch it, and keep it going, why slack off with security?
Your website is not a Set It & Forget It accessory for your business. It needs love and care just like the business itself and the owner running it. Let's get into how you can give it that TLC it demands.
8 Ways to Repair & Hacker-Proof your WordPress Website
1) Don't Trip & Flip out – Stress Is Not Your Friend
If you've prepared your site (and yourself), you have nothing to worry about. Once you find out that you got hacked, it's time to go into repair mode. You'll be able to repair any damage, and get your site back up and running in no time if you find things are in place such as backing up your information, backing up your software, backing up your website (files included), and knowing who to call to get help.
I have tested monitoring solutions such as MalCare so if files are touched it alerts me and automatically repairs the issue. I also monitor and automatically block invasions with services such as Cloudflare and WebArx Security as they not only block usernames but they block IPs and countries if a threat is coming from them in mass.
Most of your well-known sites have services like this in the background, and you don't know unless something dramatic happens. For instance, services like Squarespace and GoDaddy handle most of these aspects so when they get hit (and they have their moments) they have protocols on how to handle these attacks. Many are the same as the ones I'm covering today.
2) Notify Your Users, Members, and Visitors
You want people to know that you got hacked because oftentimes these things spread like wildfire. Talk about a damn headache. Many people know that this is not your fault, and if you're upfront about any information that could have been compromised it gives them a chance to fix any collateral damage that might develop.
You will get some salty responses but at least you are being transparent. This is particularly true when for those of us collecting visitors' information, cookies, etc. If you are on a service provider (ie. Wix or Squarespace) and they ever get hacked, you should notify your audience and update them on resolutions.
You want your followers, fans, readers, and community to know what is happening. If you don't have protection in place that automatically makes repairs for you, you would have to do manual repairs. Let your guests know what measurements you've implemented to improve your security. Send out social media postings so they know you are aware of the situation and are actively repairing it.
If you can gain access to the backend throw up a ‘Maintenance' landing page to block visitors from the issue. Give it a countdown if you know the repairs will be quick.
3) Contact Your Website Hosting Provider Immediately
Even though you are going to call someone in to fix the problem, it's important to let your web host know that you got hacked – especially if you share a server. Depending on the situation, they may already know but reach out to them either way.
Others on the server could be affected, and you cannot be sure about how far the damage has spread. Don't rely on them to totally fix your problem, but they will find and remove the code that the hacker has put in. However, you will still need to repair the issues.
When you are unsure what the issue is or you've ruled out that it is coming from your site directly, check in with your hosting provider. More often than not they are aware and doing repairs – especially if you are on a shared hosting service (which moat websites are).
4) Shut It Down or Put It On Pause
Since you have a backup of your site you're safe shutting down your site for now, until you can get things back up and repaired. Better to be down with a message of repairs being completed than to further compromise anyone else. If the issues of your site are too expensive, use your ‘Maintenance' page without a countdown so you're not under added pressure. If you need to hire someone to help you find out the issue. Many times it's an abandoned plugin or a badly coded plugin that left a gaping hole in your security.
5) Change All Passwords & Security Keys
Immediately change every password you use, for every single part of your site, and your business. You have no way of knowing specific types of information they have now that they've hacked your site. Definitely change your FTP password, your WordPress passwords, and anything associated with your website's passwords.
If you have a store, notify your users of the breach and that you have repaired it, or are in the process. Make sure that sensitive information was not accessed. This should have been secured if you have a store or collect data but double-check that everything is still in place.
Moreover, do not allow simple passwords to be used on your site and ensure that the security you use blocks major scrapping sites and the such.
6) Repair All Damaged Files & Code
If you already have a techie professional that can help you then they're likely already hard at work fixing the damage, using your backups to restore your site to like new. If you don't already have a professional at your fingertips, you need to consider finding one if you're not of the geeky persuasion yourself. It's a great stress reducer to know that someone has your back and can fix things.
If you are doing this yourself then you can replace the core files of WordPress and delete your .htaccess file in case code was injected there. It's good to change the name of that file so you make it inactive and then copy the code you want into your new .htaccess file.
Once that is done, delete the old file completely off your server. MalCare helps you isolate corrupted files and it deletes them if you set it up to do so. Also, you can have your hosting provider help you isolate the issue to track down and delete files that have become corrupted to help prevent the chance that you find out you got hacked again.
7) Change the Passwords Again
This might seem redundant, but you should be changing your passwords every 30 to 90 days. Don't leave your passwords, no matter how difficult, the same for longer than 90 days. Keeping your passwords updated and changed often will help prevent more issues in the future.
You can use a password generator and password keeper to store them for you but write then down. You should take every precaution to safeguard your website.
8) Install a Firewall and Other Security
If you use WordPress it's very easy to use a plugin to install a firewall. These plugins will email you when someone is trying to break into your site and lock them out. There are other security plugins that you can get for WordPress that help harden your databases and other files so that it's harder for hackers to break in.
As I mentioned before, you can use Shield Security, WebArx, MalCare, or any trusted plugin to do the heavy lifting for you. Just ensure that the software is being actively maintained! More than likely you'll be paying for the added safety but better to pay the low-cost upfront than a hefty cleanup bill after the hack has been done.
To lessen the pain of being hacked, it's important to be prepared. Continuously back up all your work both onsite (storing on your hosting server) and offsite (download your backups) so that you have the double guarantee to have all your hard work saved to put back up on your new clean server as quickly as possible.
If you set things up properly your website hosting provider can help you reinstate your website back to its original state before the hack with one click of a button.