Even if you try your utmost best, chances are hackers will find a way to hack your site.
Following our WordPress security article, I’ll show you five things you should do right after you find your site to be hacked.
Some of those things you should probably do before it even happens!
1. Understand what just happened
Your site has been hacked.
There are a number of ways this can happen. It might be due to poor maintenance (more on that later), or due to bad plugins.
Regardless of what the cause is, you’d better prepare yourself.
Your website is on WordPress, and because of the huge user base WordPress has, hackers like WordPress as well.
I think my personal website is under brute force attack a couple of times a day.
Don’t even get me started on the site you are reading now.
This isn’t an invitation, but please realize that hackers try to hack your website all the time.
You are no exception.
Tony Perez did a webinar about how websites get hacked earlier this year:
A few things that might lead you to believe you’re suffering a hack might include:
Google has blacklisted your website;
Google search result pages show “This site may be hacked”;
Your host has disabled your site;
Customers notify you via their local AntiVirus applications;
Your website is not behaving correctly or generating odd errors.
There are some free tools available to help you in the process, like the SiteCheck Scanner and Unmaskparasites
Knowing what happens and realizing that you are vulnerable, is half the battle.
Please read our WordPress security article and monitor your website at all times.
On top of that, you might want to install a web application firewall and a local application security plugin.