WordPress is most used CMS today and various type of users create their website using it. You can see blogs, business websites, social networks, learning management systems and even e-commerce sites using WordPress.
More the famous thing is more threats it faces. WordPress is undoubtedly secure but some bad people around the world work day and night on getting into WordPress sites by using some sort of wrong method.
If you are reading this article, you may be one of those victim of hacked WordPress site or you must be concerned about security of your site. If you are not, you must be!
Here are some questions which you must ask yourself to make sure that your site is on safe side:
1. What sort of WordPress sites can be hacked ?
Ans: Blogs, business sites or whatever, it doesn’t depends on your website’s type, if you are using WordPress to develop your website, your site can be hacked in case no prior measures have been taken.
2. I don’t open the website dashboard very often, how will I know if my website has been hacked?
Ans: Most of the hackers usually take the site down and place some sort of “Your site has been hacked, contact blah blah email id” page on your website. Some of them might contact you personally on your old admin id.
The common sign will be that you will not be able to get into your dashboard and when you try to recover password, you will be told that no account exists for that e-mail id.
3. Why do people hack sites ?
Ans: They want to hurt you. They don’t want to see you happy as you might have hurt them in your previous birth. Arghhh…Sorry but that’s not true.
People hack sites primarily to get “something” from you in order to restore site. However data stealing, exploiting WordPress code or just for fun can be other reason.
4. Is this the end for my site ? Do I need to start over again?
Ans: No this is not the end my friend, you can recover your website and even get it just like it was before being hacked if you have took proper actions in the past. We are discussing the same now.
What to do when my WordPress Site Is Hacked ?
You must perform these step by step actions in order to recover your site:
- Inform your hosting provider: Drop a mail, use live chat or use any other way you have been provided by hosting provider and tell them that your site has been hacked. Also tell them that you are trying to recover your site and if you couldn’t get it back, you will get in touch with them shortly. Ask them to white list your IP in firewalls.
- Restore hacked wordpress site using phpMyAdmin: Most of the hosting providers provide phpMyAdmin to manage your database. If you don’t have phpMyAdmin skip this step and use ftp instead.
If you have Cpanel it will be in Database Option.
> Go to phpMyAdmin.
> Open your database table and find wp_users table.
> Now you will see encoded code for admin password and email id set by hacker. Just replace the password you want and change the email id with your own email id. Then use the dropdown functions next to the password space, click on it and select MD5.
> Click “Go” and your email and password will be updated.
- If you don’t have access to phpMyAdmin, FTP will help you to recover password. This is a tweak using functions.php file of your theme.> Go to wp-content/themes/name_of_your_theme_folder .
> In most of the theme you will have an functions.php file, find it and edit it. If you don’t have one, create a function.php file.
>Add this to functions.php file
'Write New Password Here',1);
Upload this file to your theme folder and try to access your site with the new password.
- If everything fails (rare chances) you will have to request your hosting provider to restore site from the last backup they have. Good hosting providers usually take backup twice daily and can restore your site for a minimal cost and sometimes free. If your site is super active, you might loose some newly registered users, articles you posted if the backup restored by hosting guys is old.
In order to save your site from further attacks you must read this post to know how to make your site super secure.
[message type=”simple”]How to make your wordpress website super secure in few minutes[/message]
Remember, keep wordpress & its theme/ plugins always updated to latest version & install themes/ plugins from trusted source only.
In any case you need to get site back and I hope these steps will help you get back your site. Share your views by using comment box below.
For more information related to wordpress keep visiting out blog at WpWire.net/blog .
If you have any kind of question related to wordpress, blogging, development, marketing or cooking, visit our Questions & Answer section and get reply within 24 hours.