How to clean up a hacked WordPress site

If you have been hacked and warned through search engines that your WordPress site has been compromised, you may wonder how this happened and where do you start in clean up of your hacked WordPress site.

We know that when a site has been hacked, this is no easy task. Clean up can take hours and finding the malicious code can be tedious.

An online Guide in cleaning up a WordPress site that has been hacked.

One of the best security plugins for WordPress comes from the dedicated team at WordFence. They have recently made a guide in helping WordPress users find and clean up of an attacked site. Wordfence has put together a 9 step guide in cleaning up a WordPress site that has been hacked.

You can now find the following new guides in the Learning Center that will help you clean specific infection types:

• Removing Malicious Redirects From Your Site
• Finding and Removing Backdoors
• Removing Spam Pages From WordPress Sites
• Finding and Removing Spam Links
• Removing Phishing Pages From WordPress Sites
• Removing Malicious Mailer Code From Your Site
• Finding and Removing Malicious File Uploaders
• WordPress Defacement Page Removal
• How to Remove Suspicious Code From WordPress Sites

We suggest that you subscribe or follow this online learning center and keep up to date on how to clean up compromised sites now and in the future.

So after you clean up your site, how do you prevent your WordPress site from being compromised?

1. Install a good WordPress security. After cleaning up your attacked site, it is best to install and run a scan  that scans folders in your file manager in your hosting. In our resource page you can see our recommendations for WordPress security plugins. Whichever your choose, these are the dedicated plugins of teams that even offer clean up services in case you need it. The plugins we recommend also send you alerts of the activity happens on your site. The sooner you are notified, the faster you can stop an attack.
2. Keep up to date on updates. We can’t stress this enough since most updates for WordPress and plugins are for security reasons. The more you get behind in updates for your WordPress site, the more you may open your site up for attacks. This can be costly in the future for prevention of a few minutes of your time on a regular basis.
3. Change your passwords. It is always good practice to change your WordPress passwords from time to time. All WordPress web site have a password generator that will help you guide your new passwords, to suggest if they are strong enough. We also suggest using password phrases with a mix up of symbols, upper and lower case letters.
4. Monitor your subscribers and users for spammers. In one case we had found a subscriber that was able to get in and make themselves an administrator. This was done in a malicious attack on the server while manipulating files to do so. Fortunately we found the problem and secured the site down while taking care of this problem and preventing it from happening again.
5. Find good hosting. We do not recommend small agencies for hosting in these current times. We suggest you have hosting with larger companies that monitor and keep up with security on their end. With our hosting packages, these servers and dedicated team have been around for decades. We have helped clients clean up their sites in the past who hosted on smaller organizations and found that it wasn’t just their site but the whole server was compromised. Instances like this can be costly for everyone on that shared server.
6. Keep a regular back up of your site. Keeping a regular back up of your site locally can help you restore a WordPress site if you need to. Doing a backup of an an infected site will not remedy a problem if you are compromised but can transfer the infected code with it. So in those instances where you may have to start all over again, it would be wise to have a clean backup file. In our resources you can find plugins we recommend to back up your WordPress site.
7. Create multiple administrators. In case your own profile as an administrator is compromised, email changed so you can not retrieve or change your password, we suggest making at least two accounts for your administrative login. This way if one has been compromised, you can login with another and remedy the problem. Good WordPress security monitoring will help warn you of such changes.
8. Subscribe to push notifications on Secure Hosting WP. Subscribe to push notifications to keep up news and information without having to visit a web site. Push notifications can be new information, reminders that are important to security for WordPress. This makes it easier for you without remembering

These are a good start in help monitoring and keeping your WordPress site clean from hack attacks. If you need further security cleaning, server side than Secure Hosting WP has security cleaning services as well. Prevention is always key to success in your WordPress site.