I frequently look through the WordPress Goldmine Forum and identify common problems that people are having, on of the things i do is keep a list of keywords and then search for those i.e amazon + disabled , deindexed etc it helps me to get a feel of what the main issue are .
I did a search 2 days ago and noticed that there were a number of members who had had their sites hacked I counted 6 posts that talked about people problems from hacking and hacking attempts
These hacking attempts all seemed to be different, some just replaced the front page with a “you’ve been hacked” message, others changed the admin login and possibly the money links!! Others added links to lots of pharma sites. (Google de-indexing here we come)
One thing they all had in common was that the incomes from the sites dropped that is usually the first indication of an issue.
For 80% of people reading this it’s not a case of If I get hacked but When I get hacked.
There are 2 sides to hacking recovery and prevention.
Recovering from a hacking attack can take time and effort all the time you are losing money.
The first step will be to do a full restore of your site. Does your host have a full restore available and the ability to restore it? Test that as soon as you finish reading this, Pick a small blog that doesn’t earn you much and rename the index.php to something like xindex.php Now ask you host to restore that site from yesterdays backup. I am serious about this I’ve lost count of the times that well known hosts haven’t been doing backups properly.
Now you need to change all your admin passwords and they all need to be different, ensure they are not dictionary words but something like h4dy4j66js!!@5 I use lastpass to generate and store my passwords but there are a number of services and tools that will do that for you. It’s another good idea that after you get your site above restored that you practice changing the admin login and password via the mysql database using phpmyadmin, yes it’s technical but it’s something you need to be able to do.
By now you should have recovered your site the last thing to do is check all your adverts and links and make sure that there are no hidden links , if your backup was successful this should be ok but if you’ve just restored the index.php or changed the admin password and login then you have to do this.
Well done you’ve just recovered 1 site.. only 59 left to go! 🙂
Serious Note time: Please consider simulating an attack on one of your sites and then recovering from it, it will test your systems and your hosts systems and if it ever does happen to you you’ll have a plan to follow and you’ll know what to do and not panic! I used to have to take part in disaster recovery exercises for a major bank and believe me having done it in a testing environment made the real thing a lot easier to handle.
See what a nightmare being hacked can be.
The main thing you can do to prevent hacking is to use unique non dictionary passwords to start with. Ensure that wordpress and all your plugins are unto date, delete unused themes and plugins. Know where your themes come from, If i had no scruples I could easily give you a brand new theme that is guaranteed to increase conversions and include a nice little backdoor in it. Only use themes and plugins from reputable sources.
Finally the best cure for hacking is good prevention. I have no qualms about recommending a book from one of our WPG members called Lockdown WordPress it’s good solid information and it tells you exactly how to secure your sites to make sure you don’t get hacked. Not only that it’s cheap!