Did your WordPress blog get hacked? I’m sorry to hear that your blog was hacked by some bloody hacker! So, what next?

Okay, you installed WordPress carefully on your blog, chose a perfect theme for it, installed the plugins you like, and crafted some posts and pages for it; in short, you put a lot of time and effort into your blog. Then one day you wake up, try visiting your blog, and find that it doesn’t load in the browser. Maybe it redirects to another site full of adverts, fluff and a lot more…

What will you do next? My advice: don’t stress too much, and stay calm as if nothing happened to your blog. It’s okay, working great. Say “all is well” to yourself.


What to Do When Your WordPress Blog Is Hacked

Recover Hacked WordPress Blog

1. Contact Your Webhost

First of all, let your webhost know about the issue you are facing so that they can scan for any infected files. Do this before anything else, so that they are aware of the hack; other customers on the same shared server may be experiencing the same issue.

2. Back Up Your Blog Database

Backing up your blog database is one of the best ways to get back your whole content, including posts, pages, comments, etc. You will be able to get your content back by reading this article. But remember, when backing up the database of your hacked website, label that SQL backup file something like “hacked WordPress blog backup”.

3. Delete Everything

A sure way of getting your site completely clean is to delete all of the core files of the WordPress installation, including plugins and themes, because we don’t know where the malicious code is. Don’t delete your /wp-content/uploads folder, because it contains the images used in your blog posts and pages. Before deleting the WordPress core files, back up all the images from the uploads folder. Or, if you don’t want to delete your WordPress installation, you must delete all plugins and themes, and replace the WP core files one by one with the latest version.

4. Install WordPress

Now, in case you don’t want the hacked WP core files anymore, you should install the latest version of WordPress from scratch and secure your WordPress site in the following ways:

1. Secure your wp-config.php and .htaccess

2. Set daily automatic database backups

3. Change your Database Tables Prefix if it is default wp_

4. Add More Security with Total Security, a WordPress Plugin

5. Change your username if it is the default “Admin”

6. Limit the Unknown Failed Logins

7. Change the Default Database Username and Password

8. Move your WordPress Core Files into a Root Directory

5. Update Salt Security Keys in wp-config.php

Open up your wp-config.php file, which contains sensitive information about your blog’s database, username, and password. What do the salt security keys look like?

Example (Don’t use these security keys):

define('AUTH_KEY',         '1~w4yy|3Zw4|2OGHw`$Y:__n( {<%hMs-4mba[?cQ5}1aq5.h!V=.- ]Xvh/5x%p');
define('SECURE_AUTH_KEY',  ' -ZGNwocu-0Fk%:?u{yv#wPDUs[HiCbjwv3Bkz~i5Bs`-Bj>$1:0A/+ONfG 4Qde');
define('LOGGED_IN_KEY',    'Q$Z`$IB|/fF.5:):8RY](D+mrQ8hp$?3>z}QXFf*8Qnj6n+iD<7_~[K_j8+1tul+');
define('NONCE_KEY',        'M*H$+j. w+hM{(iYz@sf7Z7/vW?u5hz#+Z`9q>!mB>J/j{pMRKn+|:vU>x>Nhm]8');
define('AUTH_SALT',        'X!PE579gqy+D[t+VD;D]905V413ATqqddgH-:v+%#PYgSdHbzJGN-Flu` c-G2ho');
define('SECURE_AUTH_SALT', '`<uD`a3!dEtM>C[fBzTE~gDfE|arFxs-D(?GCj{UHtfOHym@(TQj| 6U=Od{epfi');
define('LOGGED_IN_SALT',   'Eh]&%_f/TA(Ucru%o,c!M27|w!8zxeHMJP]^m){!/#j%`dgeZD*zz|{m-u0ENXp6');
define('NONCE_SALT',       '}-8xFbXdnDZI1+RJYVe{|j$/$KX/Q/bH8rFyq?oi+j*_8l!dS<1)Yk(.|^9tWT_K');

Suppose the hacker has stolen your password and is still logged in to your blog. Even if you’ve changed your password, the hacker will remain logged in, because their “cookies” are still valid. In order to invalidate them, you have to create a new set of salt security keys. You don’t need to remember these security keys, because they are set once in your wp-config.php file. To generate them, click here. This means that all users will have to log in again.
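One way to generate and install a new set of keys from a shell on the server, as an added example that is not part of the original article. The function names are made up for illustration, the values come from /dev/urandom, and the rewritten file is left at mode 400, the permission this guide recommends for wp-config.php.

```shell
#!/bin/sh
# Added example (not from the article): rotate the WordPress keys and salts.
KEYS="AUTH_KEY SECURE_AUTH_KEY LOGGED_IN_KEY NONCE_KEY"
KEYS="$KEYS AUTH_SALT SECURE_AUTH_SALT LOGGED_IN_SALT NONCE_SALT"

# 48 random bytes become 64 base64 characters; the base64 alphabet has no
# quote or backslash, so the value is safe inside a PHP '...' string.
new_secret() {
    head -c 48 /dev/urandom | base64 | tr -d '\n'
}

# rotate_salts FILE: replace each define() of a key/salt constant with a
# fresh value and leave every other line of the file untouched.
rotate_salts() {
    conf=$1
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        # Constant name if the line is define('NAME', ...), otherwise empty.
        name=$(printf '%s\n' "$line" |
            sed -n "s/^[[:space:]]*define([[:space:]]*['\"]\([A-Z_]*\)['\"].*/\1/p")
        case " $KEYS " in
            *" $name "*)
                printf "define('%s', '%s');\n" "$name" "$(new_secret)" ;;
            *)
                printf '%s\n' "$line" ;;
        esac
    done < "$conf" > "$tmp"
    chmod 400 "$tmp"      # permission recommended for wp-config.php
    mv -f "$tmp" "$conf"  # swap in the new file in one step
}

# Usage: sh rotate-salts.sh /path/to/wp-config.php
if [ $# -gt 0 ]; then rotate_salts "$1"; fi
```

Every existing login cookie stops validating as soon as the file is replaced, so run it after the backdoors have been removed, not before.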

6. Check .htaccess file for hacks

Hackers are clever and use your .htaccess to redirect your site’s URLs to malicious sites. Check this file carefully from top to bottom, because most of the time the hackers try to hide their code at the bottom of the file. It is also possible that they changed the file permissions of .htaccess and wp-config.php to stop newbies from editing them. Using chmod, change the permissions to 644 for .htaccess and 400 for wp-config.php.

Basically the .htaccess file of your blog should look like this, if you’ve never edited it:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

If you use plugins such as caching or SEO plugins, they automatically make some changes to your blog’s .htaccess file, so don’t worry if your .htaccess file doesn’t exactly match the above example.
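A check for this step, added here as an example and not part of the original article: it lists every non-blank line of .htaccess that is not in the stock block (written with its closing </IfModule> line) and verifies the permission bits. The function names and the sample file are constructed; lines written by caching or SEO plugins are listed too and need a manual look.

```shell
#!/bin/sh
# Baseline: the unedited WordPress block for a never-edited .htaccess.
stock_block() {
    cat <<'EOF'
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
EOF
}

# Constructed sample: stock block, blank padding, then one appended rule
# with trailing spaces and a CR, the way a line hidden at the bottom looks.
sample_htaccess() {
    stock_block
    printf '\n\n\n\n'
    printf 'RewriteRule ^(.*)$ http://ads.example.invalid/ [R=302,L]   \r\n'
}

# audit_htaccess FILE: print "LINENO:text" for every non-blank line that is
# not in the baseline. Trailing whitespace/CR is stripped first so padding
# cannot disguise a line; grep -n numbers the lines before -v filters them.
audit_htaccess() {
    base=$(mktemp) || return 1
    stock_block > "$base"
    sed 's/[[:space:]]*$//' "$1" | grep -n -F -x -v -f "$base" |
        grep -v '^[0-9]*:$' || true
    rm -f "$base"
}

# check_mode FILE WANT: succeed only if the permission bits are exactly WANT
# (644 for .htaccess, 400 for wp-config.php, as recommended above).
check_mode() {
    [ -n "$(find "$1" -prune -perm "$2")" ] ||
        { echo "$1: permissions are not $2"; return 1; }
}

# Usage: sh audit-htaccess.sh /path/to/.htaccess
if [ $# -gt 0 ]; then audit_htaccess "$1"; check_mode "$1" 644; fi
```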

7. Scan Your Site

Now, after doing everything else, scan your WordPress site with Sucuri Scanner to make sure that your site is clean.

8. Restore your Blog Database

After securing your WordPress blog by following the methods listed above, you should now restore your WordPress blog database. You’re secure from hackers now. Thanks for reading.