Quick Tips to Recover a Hacked WordPress Blog
Are you worried that your WordPress blog has been hacked? Don’t be: this article collects the best tips for recovering a hacked WordPress blog.
You installed WordPress carefully, chose a perfect theme for it, installed the plugins you like, and crafted some posts and pages; in short, you put a lot of time and effort into your blog. Then one day you wake up, try to visit your blog, and find that it doesn’t load in the browser. Maybe it redirects to another site full of adverts and other fluff.
What should you do next? My advice is not to stress: stay calm, as if nothing had happened to your blog and it were still working great. Say “all is well” to yourself.
Recover Hacked WordPress Blog
Contact Your Webhost
First of all, let your webhost know about the issue you are facing so that they can scan for any infected files. Do this before anything else, so that they are aware of the hack; other customers on the same shared server may be experiencing the same issue.
Back Up Your Blog Database
Backing up your blog database is one of the best ways to get back your whole content, including posts, pages, comments, etc. You will be able to restore that content by following this article. But remember that this is a backup of a hacked website’s database, so label the SQL backup file accordingly, for example “hacked WordPress blog backup”.
Delete Everything
A sure way to get your site completely clean is to delete all of the WordPress installation’s core files, including plugins and themes, because we don’t know where the malicious code lives. Don’t delete your /wp-content/uploads folder, because it contains the images used in your blog posts and pages. Before deleting the WordPress core files, back up all the images from the uploads folder. If you don’t want to delete your WordPress installation, then you must delete all plugins and themes, and replace the WP core files one by one with the latest version.
Install WordPress
Now, if you no longer want the hacked WP core files, install the latest version of WordPress from scratch and secure your WordPress site in the following ways:
- Secure your wp-config.php and .htaccess
- Set daily automatic database backups
- Change your Database Tables Prefix if it is default wp_
- Add more security with Total Security, a WordPress plugin
- Change your username if it is the default “Admin”
- Limit the Unknown Failed Logins
- Change the Default Database Username and Password
- Move your WordPress Core Files into a Root Directory
Update Salt Security Keys in wp-config.php
Open your wp-config.php file, which contains sensitive information about your blog: the database name, username, and password. What do the salt security keys look like?
Example (Don’t use these security keys):
define('AUTH_KEY', '1~w4yy|3Zw4|2OGHw`$Y:__n( {<%hMs-4mba[?cQ5}1aq5.h!V=.- ]Xvh/5x%p');
define('SECURE_AUTH_KEY', ' -ZGNwocu-0Fk%:?u{yv#wPDUs[HiCbjwv3Bkz~i5Bs`-Bj>$1:0A/+ONfG 4Qde');
define('LOGGED_IN_KEY', 'Q$Z`$IB|/fF.5:):8RY](D+mrQ8hp$?3>z}QXFf*8Qnj6n+iD<7_~[K_j8+1tul+');
define('NONCE_KEY', 'M*H$+j. w+hM{(iYz@sf7Z7/vW?u5hz#+Z`9q>!mB>J/j{pMRKn+|:vU>x>Nhm]8');
define('AUTH_SALT', 'X!PE579gqy+D[t+VD;D]905V413ATqqddgH-:v+%#PYgSdHbzJGN-Flu` c-G2ho');
define('SECURE_AUTH_SALT', '`<uD`a3!dEtM>C[fBzTE~gDfE|arFxs-D(?GCj{UHtfOHym@(TQj| 6U=Od{epfi');
define('LOGGED_IN_SALT', 'Eh]&%_f/TA(Ucru%o,c!M27|w!8zxeHMJP]^m){!/#j%`dgeZD*zz|{m-u0ENXp6');
define('NONCE_SALT', '}-8xFbXdnDZI1+RJYVe{|j$/$KX/Q/bH8rFyq?oi+j*_8l!dS<1)Yk(.|^9tWT_K');
Suppose the hacker has stolen your password and is still logged in to your blog. Even if you’ve changed your password, the hacker will remain logged in, because their cookies are still valid. To invalidate them, you have to create a new set of salt security keys. You don’t need to remember these keys, because they are only used in your wp-config.php file. To generate them, click here. Replacing them means that all users will have to log in again.
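One way to rotate all eight keys in a single pass, as an added example that is not part of the original article: the function name rotate_salts and the SAMPLE config are constructed for illustration, and the values are generated locally with Python's secrets module rather than fetched from an online generator.

```python
import re
import secrets
import string

SALT_NAMES = (
    "AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
    "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT",
)
# Printable characters minus ' and \ so a value is safe inside a PHP
# single-quoted string.
ALPHABET = "".join(
    c for c in string.ascii_letters + string.digits + string.punctuation
    if c not in "'\\"
)
# Matches one define(...) statement per line (LF line endings assumed).
DEFINE_RE = re.compile(
    r"^[ \t]*define\(\s*['\"](?P<name>[A-Z_]+)['\"]\s*,.*\)\s*;[ \t]*$",
    re.MULTILINE,
)

def new_salt(length=64):
    """Return a cryptographically random key of the given length."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def rotate_salts(config_text):
    """Return wp-config.php text with all eight keys and salts replaced."""
    seen = set()

    def swap(match):
        name = match.group("name")
        if name not in SALT_NAMES:
            return match.group(0)      # DB_NAME, WP_DEBUG, ... stay untouched
        seen.add(name)
        return f"define('{name}', '{new_salt()}');"

    rotated = DEFINE_RE.sub(swap, config_text)
    missing = [n for n in SALT_NAMES if n not in seen]
    if missing:
        # Refuse a partial rotation: a key left unchanged keeps old cookies valid.
        raise ValueError("wp-config.php lacks: " + ", ".join(missing))
    return rotated

# Constructed sample config, not a real site's file.
SAMPLE = "<?php\ndefine('DB_NAME', 'blog');\n" + "".join(
    f"define('{n}', 'put your unique phrase here');\n" for n in SALT_NAMES
)

if __name__ == "__main__":
    print(rotate_salts(SAMPLE))
```

Write the returned text back to wp-config.php only after keeping a copy of the original; every logged-in user, including you, is signed out as soon as the new file is in place.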
Check .htaccess file for hacks
Hackers are clever and use your .htaccess to redirect your site’s URLs to malicious sites. Check this file from top to bottom, because most of the time hackers try to hide their code at the bottom of the file. They may also change the file permissions of wp-config.php and .htaccess to stop newbies from editing them. Use chmod to set the permissions to 644 for .htaccess and 400 for wp-config.php.
Basically the .htaccess file of your blog should look like this, if you’ve never edited it:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
If you use plugins such as caching or SEO plugins, they automatically make changes to your blog’s .htaccess file, so don’t worry if yours doesn’t exactly match the above example.
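The top-to-bottom check described above can be scripted. This is an added example, not code from the original article: audit_htaccess and both sample files are constructed for illustration, and ads.example.invalid is a placeholder host. Lines outside the WordPress block are reported for review rather than as proof of compromise, since plugins legitimately add their own.

```python
import re

# The default block exactly as shown above.
DEFAULT_BLOCK = [
    "<IfModule mod_rewrite.c>",
    "RewriteEngine On",
    "RewriteBase /",
    "RewriteCond %{REQUEST_FILENAME} !-f",
    "RewriteCond %{REQUEST_FILENAME} !-d",
    "RewriteRule . /index.php [L]",
    "</IfModule>",
]
# Normalised (single-spaced, lower-cased) for comparison.
DEFAULT = {" ".join(line.split()).lower() for line in DEFAULT_BLOCK}
# Directives that send a visitor elsewhere when given an absolute URL.
EXTERNAL = re.compile(
    r"^\s*(RewriteRule|Redirect(Match|Permanent|Temp)?|ErrorDocument)\b.*\bhttps?://",
    re.IGNORECASE,
)

def audit_htaccess(text):
    """Return (line_number, reason, line) tuples that need a manual look."""
    findings, in_wp = [], False
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if line == "# BEGIN WordPress":
            in_wp = True
        elif line == "# END WordPress":
            in_wp = False
        elif not line or line.startswith("#"):
            continue                      # blank lines and comments
        elif EXTERNAL.search(line):
            findings.append((number, "redirects to an external URL", line))
        elif in_wp and " ".join(line.split()).lower() not in DEFAULT:
            findings.append((number, "not in the default WordPress block", line))
        elif not in_wp:
            findings.append((number, "outside the WordPress block", line))
    return findings

# Constructed samples: an untouched file, and one with lines appended at the bottom.
CLEAN = "# BEGIN WordPress\n" + "\n".join(DEFAULT_BLOCK) + "\n# END WordPress\n"
INFECTED = CLEAN + "\n\nRewriteEngine On\n" \
    "RewriteRule ^(.*)$ http://ads.example.invalid/ [R=302,L]\n"

if __name__ == "__main__":
    for number, reason, line in audit_htaccess(INFECTED):
        print(f"line {number}: {reason}: {line}")
```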
Scan Your Site
After doing everything above, scan your WordPress site with Sucuri Scanner to make sure that it is clean.
Restore your Blog Database
After securing your WordPress blog by following the methods listed above, restore your WordPress blog database. You’re secure from hackers now. Thanks for reading.