What to do if your WordPress site is hacked

A few months ago, I agreed to take on a WP site that had been put together by someone else a few years earlier and then abandoned. The core files and plugins were all badly outdated. The reason that was dangerous, as I explained to the site owners, was because old files are vulnerable. As programmers discover vulnerabilities, they patch them through updates. This is why it’s crucial to implement updates as soon as they come out.

What a smart fella I am. Unfortunately, it never occurred to me that the site might already have been hacked. This was, in fact, the case. Long story short, this was a huge pain in the ass. My VPS’ IP ended up getting blacklisted, email stopped working, and I had to purge the site from top to bottom. Rather than try to root out all the corrupted files, I just deleted the whole thing and rebuilt it from scratch on a brand-new theme from a reputable designer. I just copied the text and the photo files over. That is not exactly a practical solution for everyone, though. On a large site, it’s impossible.

Wordfence is a free plugin (with paid upgrade features) that I can’t say enough about. In fact, Wordfence detected the hacked files and tried to warn me, but, in a moment of hubris that now seems astonishing to me, I ignored it. I thought that more bells and whistles would be going off if I was hacked. I also thought the site would have changed appearance, and would perhaps be inaccessible. I was wrong. There are lots of ways to hack a site. In my case, it was by planting phishing pages throughout–fake banking login pages designed to trick people into entering their personal financial information, so that the hackers can then steal their money.

Those hackers were mad at me for figuring out their little scam. Once I cleaned the site, they DDOS’d my server, causing it to crash. Eventually they got bored and went away. I am a very small fish, after all. They have more lucrative targets to attack. But the whole thing was a learning experience that I hope I only need to go through once.

Here is an article I just read, which is called HOW I CLEANED UP MY WORDPRESS SITE AFTER IT WAS HACKED AND BLACKLISTED, by Jenni McKinnon. A good read with lots of great information. Learn it. Live it. Update your files. And don’t agree to take on any sites until you’ve scanned the living daylights out of them first.