How to recover your hacked WordPress blog or website
WordPress is one of the most popular content management systems at present, and at the same time it is also one of the most targeted. So today I will teach you some tips and methods for patching and recovering your WordPress (WP) site after it has been hacked. This post is also for those who want to keep their WordPress sites safe.
How to Recover a Hacked WordPress Website
If your WP website has been attacked, follow these steps to get your site back.
Backup - Even if your website is infected only to a small extent, it is still necessary to secure a backup of your website before things get worse. You can use a plugin called BackupBuddy for this purpose, but I advise you to use UpdraftPlus Backup because it is a free plugin and the best alternative to BackupBuddy.
Change Login Details and Secret Access Keys - As soon as you feel or see that your site has been defaced, immediately check whether your login details have been changed, because some hackers, in their hurry, do not change them. If the hacker did not change your login details, quickly change them, along with the secret access keys in wp-config.php.
Running scanners - Scanners are basically used to identify compromises at the database level. You can try the Cloud Sites WP Scanner plug-in or Sucuri Malware Scanner. After running the scanner you can proceed to the next step.
Installing Your WordPress Again - The next important step involves deleting all the files in the WordPress directory except the wp-config.php file and the wp-content directory. After that you need to download and install a totally fresh copy of WordPress.
Review content folder - Check all the folders in the wp-content directory. If some folder doesn't belong to your site or seems suspicious, remove it. Don't worry if you mistakenly remove a folder which is part of your blog and is not suspicious: you can get it back from the backup files even after removing it.
Review Plug-ins - Now it is time to analyze all your plug-ins. Remove from your panel all the plug-ins which you don't use; the other plug-ins which you need should be uninstalled and installed again for security purposes.
Check your .htaccess file for hacks - Hackers can use your .htaccess to redirect visitors from your URL to malicious sites. Look in the base folder for your site, not just your blog's folder. Hackers will try to hide their code at the bottom of the file, so scroll down. They may also change the permissions of the .htaccess file to stop newbies from editing the file. Change the permissions back to 644.
Now analyze your theme - The first task is removing the extra themes which are not currently in use. The next task involves reviewing your activated theme. Look through the PHP or JavaScript code to find any suspicious activity there. Most of the time hackers make such malicious changes in the header.php or footer.php files.
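The .htaccess check described above can be scripted. The following is an added example, not part of the original post: it walks the site from the base folder, reports any .htaccess whose permissions are not 644, and flags redirect directives that point at hosts you do not own or that sit below a long run of blank lines. The function names, the 20-line padding threshold and the .example hostnames are assumptions made for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

# Directives that can send a visitor elsewhere; group 1 captures the target host.
REDIRECT_RE = re.compile(r"^\s*(?:RewriteRule|Redirect\w*|ErrorDocument)\b"
                         r".*?https?://([^/\s\"'\]:]+)", re.IGNORECASE)
PAD_LINES = 20  # assumed threshold: this many blank lines in a row counts as padding


def audit_htaccess(site_root, own_hosts):
    """Return (relative path, kind, detail) findings for each .htaccess under site_root."""
    findings = []
    for dirpath, _dirs, files in os.walk(site_root):
        if ".htaccess" not in files:
            continue
        path = os.path.join(dirpath, ".htaccess")
        rel = os.path.relpath(path, site_root)
        mode = os.stat(path).st_mode & 0o777
        if mode != 0o644:  # the step above says to restore 644
            findings.append((rel, "mode", oct(mode)))
        lines = Path(path).read_text(errors="replace").splitlines()
        blank_run = 0
        for num, line in enumerate(lines, 1):
            if not line.strip():
                blank_run += 1
                continue
            if blank_run >= PAD_LINES:  # content pushed far down the file
                findings.append((rel, "padded", f"line {num} follows {blank_run} blank lines"))
            blank_run = 0
            if (m := REDIRECT_RE.match(line)) and m.group(1).lower() not in own_hosts:
                findings.append((rel, "redirect", f"line {num}: {line.strip()}"))
    return findings


def build_sample(root):  # constructed sample: clean root file, tampered read-only blog/ file
    clean = "RewriteEngine On\nRewriteRule ^old/?$ https://myblog.example/new [R=301,L]\n"
    tampered = clean + "\n" * 40 + "RewriteRule ^(.*)$ http://other-site.example/$1 [R=302,L]\n"
    os.makedirs(os.path.join(root, "blog"))
    for rel, text, mode in ((".htaccess", clean, 0o644), ("blog/.htaccess", tampered, 0o444)):
        path = Path(root, rel)
        path.write_text(text)
        path.chmod(mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        print(*audit_htaccess(root, {"myblog.example"}), sep="\n")
```

To use it on a real site, call audit_htaccess with the path of your site's base folder and the set of hostnames you actually own, then review each finding by hand against your backup.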