WordPress Hacked

WordPress has grown into a content management system (CMS) with a global share of more than 25%. It is inevitable that WordPress website is coveted by interested people. As a website manager, there is no doubt about the importance of website security maintenance. If the website is hacked by WordPress, what should we do? Many new WordPress friends don't know how to deal with this situation when the website is hacked. The next article is to share with you how to deal with this situation in case the website is hacked, and how to make your own WordPress website quickly resume operation.

Keep calm

When a website is hacked, it is usually very tense and hundreds of questions arise. However, you should remind yourself to keep calm. Only in this way can you make correct judgment and correction, and reduce the impact and loss of the website after being hacked.

Confirmation problem

• Please make sure that the terminal equipment used by you, such as computer / laptop, is safe and not poisoned.
• Unable to log in the WordPress console management interface, not all of which are caused by hackers. Part of the reason is that the console cannot log in due to the program compatibility problem after the website upgrade. At this time, you can try to change the name of the add-on folder or the scenery theme folder, and then try to log in to the console. If the administrator's password is replaced, please reset the administrator's password and retrieve the website management authority according to the method shared by changing WordPress password in this article.
• If the search engine shows that the website is marked as unsafe or the homepage is replaced, you can scan your website through free website malware and security scanner to view the affected files? As an analysis website, it is invaded by uploaded files or changed files.
• After receiving the host company's notice that the website is overloaded, unless its website is a website with very frequent traffic, such a situation will not happen. If it happens, there are usually a large number of specific files to be read, for example, the website has been uploaded with problem files, or the web page has been put into a suspicious syntax, resulting in a large number of connection needs.

Restore website

Restore the site to the point in time before the disaster.

Strengthening management

After the restoration of the website, as a website manager, there are several important things that must be done immediately.

• Update the WordPress file to the latest version, including the scene theme file and the plug-in file.
• Change and strengthen the administrator password (including the password of FTP / host management interface). Please do not use admin as the administrator account, and the password setting should not be too simple.
• Change the secret keys in the wp-config.php file.
• For security scanning, you can install two plug-ins, Sucuri security or theme authenticity Checker (TAC), to check the background of the website program, and find out whether there are suspicious files hidden in the website program files or scene themes.
• Check whether other users of this account have been established, and check its permissions.
• Confirm the important file permission again (see WordPress protection - how to establish basic security protection article).

Conclusion

WordPress website operates 24 hours a day, 365 days a year. It is bound to encounter many abnormal connection and vulnerability detection attacks. Do a good job of real-time update of website programs and files, regularly do a good job of backup for the website and carefully select the host supplier, which is the priority to avoid these disturbing problems. Remember that in case of a problem in the website, you can solve the problem by clarifying the problem calmly. If it is caused by a bug in WordPress, please update the version of WordPress timely. If it is a problem in the system of the host supplier, it is the best policy to change a host supplier as soon as possible. If the account password of the manager is too loose, then change it as soon as possible A set of enhanced account passwords. Finally, you can go to the hacked version or the malware version of the WordPress official website forum to see if other people have the same or similar problems, and find possible solutions. Of course, you are welcome to write to discuss with me.