WordPress is one
of the most popular content management systems at present. However as a general
law, the increasing popularity comes with a number of dangerous has gained
attention of bad boys as well. There are so many people who are reporting the
cases of hacked WordPress account on a regular basis. So I have thought of
putting a complete guide to discuss how to recover your hacked
WordPress.
Ways To Recover Hacked Account
Below is the perfect
path to follow to get your hacked account back:
Backup – Even if your website is infected to a small
extent, it is still very much necessary to secure the backup for your website
before waiting for watching the things turning into worst. Don’t forget to take
backup of your entire database and all files. You can also try for a faster
solution by using BackupBuddy.
Change Login Details
and Secret Access Keys – At the time you sense the hacking attempt, just try to login
to your account to check whether your login details are still effective or not.
If the username and password details are not yet changed then immediately
change all the WordPress secret access keys in wp-config.php file and of-course
your username and password.
Running Scanners – Running a scanner is also a very helpful
step and comes at number 3 in this list. The scanners are basically used for
identifying the compromises at the level of database. You can try out Cloud
Sites WP Scanner plug-in or Sucuri Malware Scanner. After running the scanner
you should make sure to move the next step stated below.
Installing Your
WordPress Again – Next important step
involves Deleting all the files existing in the directory of WordPress except
wp-config.php file and wp-content directory. After that you need to download
and install a totally fresh copy of WordPress. Now edit the
wp-config-sample.php file by substituting the sample values by picking the
actual database values from the wp-config.php file that you haven’t deleted as
stated above. Now you can delete the present file and replace it with your own
file.
Review Content Folder – Next task involved to check all the
folders to find ones with any suspicious activity in your wp-content directory.
So carefully analyze the folders content and remove any one that seems not to
be belonging to you. If you later find that the folder was actually needed then
you can get it back from your backup.
Analyze and Re-install
Your Plug-ins – The next steps after
completing with reviewing the folders’ content includes reviewing the plug-ins.
Collect information about what plug-ins you are not using currently and
uninstall them all for the time being. Now coming to all other activated
plug-ins that you are using currently, deactivate and delete these plug-ins and
then re-install and activate the active plug-ins.
Analyze Your
Themes – Now the next thing
that should be taken care of is the task of removing the extra themes which are
not in use currently. Next task again involves reviewing your activated theme.
Look through the PHP or Javascript code to find out any suspicious activity there.
Most of the time hackers make such malicious changes in header.php or
footer.php files.
0 comments:
Post a Comment