WordPress Website Hacked or Attacked by Malware [Keep Calm]

Please open this page in the Admin panel only Sorry for your Loss and can feel the stress you have now, but everything will be fine, dark clouds shall pass away and every evil surpasses. So, here’s a quick relief for you…

Fix WordPress Vulnerability

WordPress website is prone to get attacked by malware or a server hosting WordPress can compromise. This can happen even if you’re conscious about website security. So, let’s go through this quick self-reference guide to overcome such a trauma:

  1. Just Breathe and keep calm.
  2. Try to compose and figure out the cause:
    1. Scan your computer for Malware, Virus or any Backdoor with some Anti-Virus software.
    2. Are you able to Login to WordPress Admin? Yes, cool. No, then reset your password via CPanel -> PHPMYADMIN.
    3. Scan your WordPress Site using “Malware Scanner” Plugins. Just try searching with quoted text and it will list them. Install and Run to fix or detect any malware, etc..
    4. Check for the most recent backup of Website Files and Database.
  3. Finally, check with your Hosting provider and explain them the scenario which you composed above. They’ll do a complete scan of your website and can get it back-up after that.
  4. If nothing works, hire a serious system administrator who can handle scripts and do the cleaning of your website manually. Try me! Me’s not bad either, at least not philosophical level. 😛

What’s After That?

If God’s will get your website up, then believe me you just got a trump card. But you may fall out again in temptation, so here’s another self-reference guide to play-safe:

  • Reset all your Passwords, Secrets and Revoke all API (if connected).
  • Update WordPress to latest version.
  • Update Themes and Plugins to latest versions. If you’ve custom theme developed, then let them know about the vulnerability, so they make sure their code is up-to-date.
  • Uninstall/Deleted unwanted data like, Themes, Plugins or inactive WordPress Installations.
  • Take backup regularly or schedule them with some automated plugin or a macro job. If you’ve a team, then this task can also be delegated or may just hire a reliable person.
  • Lastly, keep your eyes open for Latest News & Tweets about such vulnerabilities, because everyone’s watching your assets and attack the very next moment.

Some references:


Felt Something? Why don't you say it...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s