When your lovely sparkly Wordpress website is hacked, the first thing to do is… of course panic!

Next thing is to become Cool hand luke, as the old saying says, “cooler heads prevail”!

There is nothing worse than a potential customer coming to your site and they are seeing casino & viagra ads plastered across your website.

Even as a designer/developer we are also open to having our own websites attacked just for the fun of it…but for the most part these days, these hackers are trying to add spammy links to your site to possibly help another business to increase its Google ranking…its all very old school black hat stuff!

So here are some top tips for securing your newly hacked site and trying to recover from such a harmful business attack.

  1. Firstly, and most importantly, have some sort of backup of your site. Good hosting companies like Siteground have daily backups of their servers( see what packages have this ). Which means, your site can be reset to the day before. For our clients and our own WordPress sites, we use All in one import with (Google drive) extension. This allows us to back up the site daily. It is super easy to revert to a backup and is a must for any wordpress website owner.
  2. If you’re unlucky enough to not have backups available, time is of the essence, A key giveaway that your WordPress site is being hacked is that you receive a Google console notification that your site has been hacked or you may receive a new user notification. If this happens and it is out of the ordinary, login to the site as soon as you can and delete the new user and change all your user passwords.
  3. Assess the damage. This can be the part that takes time to evaluate. If you have reset your site to a previous backup, you can possibly skip this method. If not, getting a malware scanner such as Succuri malware scanner to take a look at the site is a good idea to see if there are no nasty scripts hidden on the site.
  4. If you have been able to scour the site and see nothing of note, it’s perhaps the time to breath a sigh of relief and wipe that brow.
  5. If anything, this has now taught you that your site’s security is super important. When your site has more visibility the chances of attack increases, so being extra vigilant about security & site updates will now be something you will obsess about to your team or your web designer/developer.
  6. Don’t blame your web designer or hosting company, if your web designer has kept the site up to date and secure, it’s likely this attack will be out of their control to defend against if its an advanced targetted attack.

Alternatively, if you need a third party such as ourselves to intervene, throw us a call or an email and we can see what we can do to help.