This is a guest post by:
Lisa Smith is a designer by profession, writer by Choice. Writes articles for Pleasure as well as for Living. Apart from this, she also Volunteers in a Few Animal Rescue Centers.
These days a lot of people are creating their own websites and blogs. With WordPress being one of the easiest blogging platforms, this comes as no surprise that most of them choose this for their blogs. However, this also means that hackers too have their eyes set on the WordPress blogs and websites. In fact, a number of hacking incidents have been reported time and again by various WordPress users.
Worried? Don’t be. It is quite easy to detect a hack on your WordPress blog and correct it quickly. Wondering how? Read on to find out more.
Ensuring the Hack
Many a times, it has come to the fore that blog owners falsely detect a hack and raise alarm. So, before you start getting worked up, make sure that your blog has really been hacked.
- Ad Check: If you see ads which were not there earlier and do not belong to your clients, then chances are that your blog has been hacked.
- Altered Link Destinations: Click on the various links that you have included in your website template and check where they lead to. If you see that the link destinations have changed then you can be assured of a hack.
Knowing the Hack
There are a number of ways in which a hacker can hack your blog. In order to rectify this, you need to understand and identify what the hacker has actually done to your blog. Here are a few things you can do that can help you to know the hack type.
- Try logging in from the admin panel of your blog
- Key in your WordPress blog address in the browser window and check where it leads
- Check the various links in your blog and identify the malicious ones
- Check how the popular search engines mark your blog
If you see any discrepancy in the aforesaid tests, note this down as your hosting company would ask you for these details.
Inform your Hosting Company
Once you are sure that your WordPress blog has been hacked and you have ascertained the nature of the hack, go ahead and inform your hosting company about this. Many a times, there are chances that the provider may have detected the hack too. Give them all the details that you know of and ask for guidance. It would be a good idea to find out the reason behind this hack and what you should do to avoid this in future.
Scan for Malware and Remove it
Scan your whole blog to check for various WordPress templates and plugins on your blog that have not been used for long. If you come across any such elements make sure to remove these immediately as most often than not, the hackers use these as a backdoor to access your blog. Using the various plugins like Theme Authenticity Checker and Sucuri WordPress Auditing can help you ascertain which themes and plugins are safe and which need to go.
Changing all Passwords
The next step is to change all the back end passwords to your blog. Do not forget to change the passwords of other users too, who may have had access to your blog. Make sure to check the user permission section in WordPress to find out who all have been granted access. It would be wise to limit the access to you and your very trusted colleagues.
Change the Secret Keys
Changing the passwords alone is not enough. The security key that WordPress generates to encrypt your password should also be changed. This would mean that any user who may have logged on to your blog using your password would continue to have access to your blog unless you delete the cookies. So, create a new security key for your blog. This will remove all the cookies and restrict access of others to your blog. Add this to your configuration file which is called wp-config.php.
Restore the Blog from the Backup
You might have heard that it is important to backup your WordPress blog. Actually, this usually comes in handy when your blog is hacked. If you have a backup of your blog, you can easily restore your blog after cleaning up the hack. It is important to note that if you do not have a backup and your blog gets hacked, the hosting provider would delete your blog to ensure that hackers do not access the other blogs of the provider. Using WordPress plugins for backup can help you to store a copy of your blog with the hosting company, to be accessed when required.
Following these steps will help you clean your blog. However, if you continue to face problems, you may need to get some professional help.
It is extremely important to keep your WordPress blog safe and secure. Recently Google has announced that any blog or website that has been hacked would be tagged with spam results. So, it has become all the more important to keep a close eye on the security of your blog.