What to do when your WordPress site has been hacked?

Nearly every WordPress site can be hacked if you don't stay current with your updated (e.g. Old WordPress version, plugins or themes). Also, a new vulnerability can be discovered within your WordPress version.

What can you do?

The first thing you need to do is get the hack files removed from your directory. Asked our support team to scan your account or see below to for steps to scan your account. Next, take some preventive steps to assure this doesn't happen again. See more information below:

Update WordPress, Plugins and Themes

Because most hacks come from old versions of software, it is important to update all your installed applications. If your plugins or theme is out of date or the developer isn't supporting future updates, please consider to replace your software. Always look for reviews and reliable support.

Security Plugin: Wordfence

You may even want to consider getting a WordPress security plugin to scan for vulnerabilities or stop brute force logins. Wordfence Security is a free security plugin that scans WordPress site for vulnerabilities and known threats. When using, this app upgrade your PHP memory to around 56MB (php.ini).

If you notice that your site was hacked, please contact us to scan your account. Only in cases where your site starts using more memory then is permitted we automatically start talking action and screening the site with all its directories. When scanning, we look for injections of your PHP Shell scripts.

Antivirus

You can also scan your directory with your own Antivirus, but please make sure you have the latest definition files and everything is up to date.

Log into your account with your FTP credentials and download the whole directory onto you local system (including: wp-admin, wp-content, and wp-includes folders). Scan all the files and look if your Antivirus notifies you of any threats (see logs with files with the infected PHP Shell Scripts). If everything is clean replace your files with the online files in your account.