We love WordPress, and nearly all our sites are now developed in it, everyone else loves it too as it also powers 43% of the sites on the Internet.
Unfortunately, that means it is a prime target for hackers. There is no point searching for an exploit in software that no one uses.
With Wordpress, there is multiple access point for security vulnerabilities. There are the core Wordpress files themselves, but your theme, and all the plugins you use. The more complex your install, the easier it is to get hacked.
Prevention is better than cure, and that’s why we update all our client’s sites manually ourselves as part of our hosting package.
That doesn’t mean we are infallible, and occasionally problems arise that we must fix. More often than not, when we deal with a hacked site, it is not one of our own we are fixing, but a third party is approaching us on how to fix things.
The cost of fixing a hacked site is not particularly cheap as it requires a lot of work to ensure everything is secure. In general, when a site is hacked, it isn’t just one file that is uploaded or modified, a hacker, or more likely an automated bot, will modify dozens of files and upload various others throughout the site to try and hide their backdoors.
We have catalogued some of the steps we go through to fix a site, which we hope will help anyone that hosts their own site fix a hack.
All in all, it can be an awful lot of work to fix a hacked website. Some tools do an excellent job of it, primarily Securi, which costs $199.99. This should fix everything by itself. However we prefer not to rely 100% on an automated too, so we would still carry out most of the manual procedures.
Once you have fixed the site, we will need to work with you to find out a possible cause. It is nearly always plugin or theme related. If you download a premium one from a “free” website, then you can almost guarantee your site will get hacked. Most of the time it is due to not updating the themes and plugins. The problem here is that many premium plugins no longer charge a one-off fee, but a yearly fee, so this can be quite expensive, but necessary.
If you would like help fixing your site then contact us via the form below
[gravityform id="11" title="false" description="false"]
Visit our site and see all other available articles!