Security attacks on your website sites can be crippling. If you are managing more than one site, then it can be even more devastating, because these sorts of problems are generally infectious. In this article, we shall discuss about recovering from a WordPress attack, and also look at the security measures which can be taken to prevent such attacks.
Finding where to start is the most difficult part in the post-attack phase. When you have a big mess at your hands, it becomes intimidating to think about the scale on which you have to carry out the repairing process. Here is a list of steps which can help you find at least the starting point.
- Backup your website– Although it might sound stupid to backup a compromised site, but in the repairing process things might become worse from bad. And that’s the reason why you should back the site up before starting out. Back up all of the database and core files [a complete backup].
- Passwords and Access keys– Change these. Chances are, the attacker already knows about your passwords and access keys. Even after you have recovered, to avoid another collapse, you should change passwords immediately.
- Scan the sites– Use scanner plugins to find the compromised areas. Sucuri Malware Scanner is a nice option. These types of scanners are very effective in finding the problems with databases. However, never leave the recovery process at this point.
- New WordPress– Download the latest version of WordPress and re-install the site, you need to move the old wp-config.php and wp-content folder to the new installation. site. Edit the wp-config-sample.php file and replace the sample values with the database values of the current wp-config.php file. Delete this old file, and replace it with the ones you have saved. Don’t keep any file which you are not sure of as being unaffected from the attack.
- Content Folder scan– Look for suspicious folders in the wp-content folder. Folders named ‘cache’ are many times the culprits. Delete the files which you are not sure of. If anything goes wrong, you have a backup to help you out.
- Reinstalling plugins– After all the core files have been tested, the next step would be look into themes and plugins. In this step, you have to delete, and reinstall each of the existing plugins. This might be a very tough job, but plugins are many a time the culprit.
- Google Webmaster tools– Google Webmaster tools have the feature to flag and identify websites which have been compromised. These warnings can help you a lot to prepare yourself for an attack, and even after the attack, these can be helpful finding out what exactly went wrong.
How to Provent
Phew! The process can be long and tiring. Now that we have talked about the cure, let’s talk a little regarding the prevention of attacks
- Backup regularly– If you backed up a week ago, and something goes wrong today, without all that recovery rigmarole you can simply revert back to the latest backup image. It saves time and is almost 100% effective.
- Scanning Local machines– Malwares present in the local machines can be the reason why the WordPress site gets compromised. If you login using malware affected PC, you would end up compromising the whole of the site. Hence always keep your local machines clean.
- Monitor File Changes– Add a plugin to monitor changes made to the file. It can be a little intimidating in highly active sites, but for moderately active sites, keeping track of the changes by means of this type of plugin is very useful.
- Use Secured WordPress hosting– Using the services of Bluehost or InmotionHosting would save a lot of trouble for you. They have more manpower and technical prowess to offer you highly reliable and secured WordPress hosting solution.
Prevent hacks is way better than cleaning up mess later. Even if something goes wrong, relax! There’s always a way out.