Hi, it has become very common these days that WP sites are getting hacked and we end up losing all the rankings. I myself became the victim of this problem when my entire network of SEO projects got hacked and I almost lost my business. Somehow, I went deep into the roots and secured my network. I am gonna tell you how you can also solve this issue.
Why do WordPress sites get hacked?
There can be two causes:
– Compromised hosting / server
– Compromised WordPress installation
Compromised WordPress installation – WordPress is an open source CMS for which themes and plugins are developed by community contributors. People also try to exploit many of the functionalities of WordPress. Hackers have identified various routes inside WordPress that make it easy for them to break into your installation and do whatever they need.
Hackers do one or all of the following things when they hack your website:
1. Redirect your website to other unknown sites.
2. Take backlinks from various existing posts.
3. Create new posts and take links from them.
4. Create unattached media/image files and get them indexed. These media files are not images but are actually scripts encoded in the form of images.
5. Get all the posts in draft and create duplicate versions of them with their choice of versions inside the posts.
6. Create occasional redirects from header.php and divert only unique visitors to hacker-defined destinations.
7. There can be malicious code inside the individual posts and pages of your WordPress installation.
Compromised hosting / server – Usually this happens when you are on a shared host. If hackers are able to get into the (shared) server, then there is a high risk of exploitation of all the sites on that server. A backdoor created on any one website, which may not even be yours, is still available on the hosting, and because it is shared hosting you are at high risk of getting your sites compromised.
If you are using a VPS or your own server and you still got hacked, there can be several causes. Either a security firewall is missing from the server, or there is a backdoor in one of your existing WP installations that makes the entire server vulnerable.
Till now these are the things which I noticed that hackers usually do when they get into your website. Now that we know these are the symptoms, we can have various interpretations of all these symptoms. I have mine and I will go by the interpretations and thus solutions that worked for me.
Step 1: Take a backup of your existing WordPress installation, even though it is hacked.
Step 2: Clean your WP installation thoroughly. This means you need to look for malicious code in every corner, file and folder and then remove it. There are many free tools to get it checked. Example – http://isithacked.com, Sucuri, etc. Find out all these
Step 3: Get a clean server to host your WP site. I would recommend the following: AWS EC2, Digital Ocean, Vultr. These are unmanaged hosts but will give you root access to solve any issue that you may face at any stage going ahead. Also, there are many external solutions to manage unmanaged hosting.
Step 4: Take a backup of your cleaned WordPress installation and upload it to the fresh server you have taken.
After you are done with cleaning, you need to make it secure from further hacking attacks.
Step 5: Enable automatic backups. (Use the All-in-One WP Migration Dropbox extension to store regular backups in the cloud.)
Step 6: WordPress security checks and guidelines
– Enable HTTPS for all the pages.
– Allow traffic only from desired countries.
– Limit the number of login attempts.
– Stop the visibility of WordPress user accounts.
– Remove unused themes and plugins.
– Update all the plugins and WordPress installations to the latest version.
– Disable directory listing.
– Block all the unwanted bots or crawlers from your site.
– Block unwanted URL parameters.
– Change the WP login URL.
Important tools and plugins that you may need:
3. All-in-One WP Migration
4. WP Security Audit Log – Keeps an activity log of everything that happens on your WordPress site.
5. WPS Hide Login – Hides your login URL, which protects you from unwanted bot traffic and stops it from playing with your site's security.
I hope this might be useful to many of the bloggers, since this is a major security concern these days and WordPress sites are getting attacked and compromised like anything. Almost all the things mentioned above are possible with the help of the plugins listed above. A few things are to be done manually by getting inside the code. You can ask about any doubts you may have. I will try to reply as I get time. My replies are expected to be slow due to an extremely busy schedule.