There are hackers on the prowl, determined to wreak havoc. They don’t have to benefit, they just may be doing it to get a kick out of it. However, if you are a site owner or an avid blogger, the damage this can do to your business is formidable. It is more like you’ve been robbed of your livelihood because you get to lose your search engine rankings that you strived so hard to build up and achieve. Apart from being infected and affected yourself, you are exposing unsuspecting readers who could automatically get affected by just visiting your site and reading your blog. However, that’s not the end of the road and you don’t have to be too worried about it as this is something that can be fixed, and more importantly, such occurrences in the future can be prevented.
The first thing you should obviously do is to create a backup for your website and the database. Check and find out if access to FTP or file transfer protocol is still intact, the same goes for your phpMyadmin. If they are safe, create a backup and download them to your database. Ensure that the files get downloaded to a safe and secure location like your hard drive where no one could get to them easily. Ensure that the anti-virus software on the computer is turned on because the files could already be infected by malware, viruses, or Trojans and you could run the risk of exposing your computer to grave risk. If the readers are used to downloading stuff from your site, you need to backup that as well.
You can go ahead and download the latest version of WordPress, and the plugins as well. It’s best to download a clean new template, you could use WordPress’ default template till such time. For all you know, the hacker could have been after that great new theme you were working on . Check your WordPress theme for any malicious codes. You must be aware of the large quantity of WordPress themes that are created every day. As the themes are stored in a repository and found in companies and blogs and in forums and other websites, there are more chances for the themes to get infected with malicious codes or Trojans. There are people out there trying to steal keywords and overpopulate your site with links which can generate traffic and business . In the process they tend to leave behind malicious codes on the templates.
Another thing that you should not forget to do is to delete all files and folders in your WordPress directory installation without a trace. You can use the FTP to do this or through the File Manger. Once all the files have been deleted, you can be absolutely sure that no virus or malicious code can exist. You can now go ahead and download WordPress and have it reinstalled. Check that the files you downloaded and saved to your hard drive have been scanned thoroughly for viruses and malware and upload the files. While on the job, ensure that your wp-config.php file is edited correctly and have new secret key values created, just to be on the safe side.
You are now ready to run the database upgrade. You can do this by going to wp- admin/upgrade and ensure that it has been done correctly. It will be a good idea to change the admin username from the default username to something more secure and that you can remember. The same goes for your password too as both have already been compromised. If you have given permission to others to use the site and if they have the privilege to edit files and install plugins, their passwords need to be changed as well.
It would be a good idea to double check to see if you still get linked to any unwanted and malicious sites. If you use FireFox you could check using FireFox Addon Linechecker that helps you identify the links on your page. Check your blog posts manually and check if your posts now have redirects. Use the anti-virus plugin to scan your WordPress installation one more time. Activating the daily automatic scan will add to the security.
This is a guest post by Mark Bennett of workwelltogether.com, a site that offers savings and current information on the fastest comcast internet and best comcast cable services.