Is your website hacked?
Don’t panic!! Your site is hacked because your website is so famous. There are bunch folks out there to hack website even most of them working as a day job. Hacking a website is not a new thing if your website is hacked find the cause of hacking immediately and recover from it.
Before I start this tutorial I would like to tell you that few days back my website was hacked I recovered it using some WordPress plugin and manual updates. When I saw my website in Google search result that “ this site may be hacked ” I got panic. I thought my website is gone all my hard work broken into pieces. The hacker used URL injection method to hack my websites using a plugin backdoor. Then 2 days later I found some methods to recover my site from hacker so Today I’m going to show you the steps which I used to recover my site. To know more about recovering a hacked website
Things to do before you recover your hacked website.
- Find which method does hacker used to hack your website (URL injection, phishing attack, malware, etc).
- Change All the password (WordPress Admin, Database, FTP and your cPanel)
- Check your database whether anyone has admin access other than you in your website
- Check whether any file or folder has write access to visitors in your directory. Know more
Steps to Remove This Site may be hacked labeled.
The step which I’m going to tell you based on my own experience and fully based on my own recovery method if you have find any other method which is much better than this, please feel free to contact me and submit your post as a guest.
If you have already taken a copy of backup before the malicious attempt in your website simply delete the current file and folder from the directory and upload the backup and go live, unless follow this below steps.
Step1: Login to your admin dashboard.
Step2: Update your WordPress completely if it’s up to date reinstalls it again.
Step3: update all the out dated plugins.
Step4: Delete your unwanted plugins.
Step5: Install wordfence plugin in your website
Go to options in wordfence and check the boxes as I given below then Click on scan to begin full scan. It will take few minutes to complete.
Step6: Once the scanning completed don’t panic if the wordfence says that “malicious appears in plugins or in theme file”
Step7: Now uninstall all the plugin and reinstall it which is affected with malicious if you also find that the theme which is installed in your website also affected with malicious download the fresh copy of your theme and install it in your website.
Step8: Once you done step 6 and step 7 simply scan your website once again using wordfence repeat the step 6 and Step 7 until it say no problem found.
Step9: if you’re all done request your website for review here.
Step 10: Keep activated the Wordfence plugin and get the issues and update to your email ID.
There are some serious changes in 2015 WordPress updates, if you don’t update your website you’ll face many problems like this. Always keep your WordPress, plugins and Theme up to date.