When your WordPress website is hacked, a million things go through your mind. What did the hackers find, change and steal? Who else is in danger — are your employees, partners or customers at risk now too? And how did the hackers get into your site in the first place?

Before you can take the next steps, you have to stay calm. The truth is that hacks do happen, regardless of how well-protected you believe your site is. The good news is that this is a common occurrence and there are established to-dos to start tackling right away.

Also, sometimes websites go a little bonkers — it doesn’t mean you’ve been hacked. A misbehaving website, malfunctioning update or odd comment on a blog post are not surefire signs that your site’s been hacked. You’ll want to dig deeper to make sure you know what you’re dealing with before you try to solve the wrong problem.

How To Tell if Your WordPress Website has Actually Been Hacked

Here are the signs that you’re dealing with a bona fide hack — hopefully, you can say “no” to everything on this list. (And if not? We’ve got lots more help for you.)

  • You’re unable to log in to your WordPress website.
  • You’ve noticed a severe drop in traffic.
  • There are website changes that you haven’t made.
  • Your website is redirecting to a different site.
  • When anyone tries to access the website or even search for it in Google, a warning shows.
  • The server logs show unusual activity.
  • Your security plugin or hosting provider has notified you that there’s been a breach or unusual activity.

Let’s get into some of these a bit more.

Can’t Log In to Website

The most common reason why someone can’t access their website isn’t a hack — it’s because they forgot their password (or think they know it but actually don’t). Reset your password to see if that’s the problem.

Now, if you can’t reset your password, that could point to a potential hack. Hackers will often remove a user or change their password to keep them from accessing the site. If you’re not able to reset your password, it could be because someone removed your user account. Usernames that contain the following are particularly easy to hack:

  • Admin
  • Administrator
  • Root
  • Test

Also, if you are able to reset your password but you notice other red flags that we’ve listed, you could still be the victim of a hack, so read on.

Drop in Traffic

When a high-performing website stops seeing an influx of traffic for no known reason, it’s possible it’s been hacked. Redirected traffic, a degraded user experience or Google blacklisting your site can cause traffic to plummet.

Unrecognized Website Changes

Often, hackers will change your website in big and obvious or tiny and hard-to-catch ways. It could be as clear as the home page being overwhelmed by ads or the theme being totally different. Or, it could be as difficult to find as teeny links hidden in the footer. It’s also common for the added content to be of an illegal nature.

Often, this type of added, unexpected content doesn’t fit with the design scheme or take presentation into consideration. That means that there may be a black ad over a black part of the website, keeping a lot of it concealed.

You can also see if any pages have been added to your site by doing a Google search for site:yoursite.com (replacing yoursite.com with your actual URL). Skim through the results to see if there’s anything you don’t recognize.

Before you assume this is the work of a hacker, check with the rest of your team to find out if any admins or editors made the change. Even an outlandish change could have been a complete accident.

Website Redirects Somewhere Else

It’s common for hackers to add a script to your website that redirects visitors elsewhere, like a dating site or something untoward. You may not notice this yourself, as some hackers will only show the redirects to non-administrators, so it will look normal to you. But if you’re getting feedback from visitors that they’re being sent to another site, listen up.

Browser or Google Warnings

Yes, a browser warning that says your site’s been compromised could point to your WordPress being hacked … or it could mean that there’s code in a plugin or theme that has to be removed. There could also be a domain or SSL problem, which your host can probably help you figure out. The browser warning may provide you with some info that you can use to start troubleshooting the problem.

A Google warning is similar, though more straightforward – it’ll probably say, “This site may be hacked.” This can happen when a website sitemap is hacked, which impacts how Google crawls the site. Like with a browser warning, you have to take whatever info you’re given to start diagnosing the problem.

If you’re still hearing from users that your site is flagged, it could be that they’re getting a notice from their anti-virus product. Even if Google whitelists you again, you’ll have to follow the instructions for the anti-virus products to take you off their list of dangerous websites.

Unusual Activity in Server Logs

If you’re worried that you’ve been hacked, log in to your cPanel via your hosting provider. There are two types of logs to look at:

  • Access Logs: Who accessed your WordPress site and through which IP.
  • Error Logs: Errors that occurred when your WordPress system files were modified.

Look for any unusual activity. If you find IP addresses that shouldn’t have access to your site, block them.
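As an added example (not from the original article), the script below triages access-log lines for two of the patterns this article names: repeated login POSTs (brute force) and PHP files being requested from wp-content/uploads (a possible backdoor). It assumes the Apache/Nginx combined log format and default WordPress behaviour, where a 302 on a wp-login.php POST usually means the login succeeded; the sample lines, IP addresses and threshold are constructed.

```python
import re
from collections import Counter

# Combined Log Format: ip ident user [time] "METHOD path proto" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
LOGIN_PATHS = ("/wp-login.php", "/xmlrpc.php")  # WordPress authentication endpoints
UPLOADS_PHP = re.compile(r"^/wp-content/uploads/.*\.php(\?|$)", re.IGNORECASE)


def triage(lines, login_threshold=5):
    """Summarise login bursts and PHP hits under uploads from access-log lines."""
    posts = Counter()      # login POSTs per client IP
    redirected = set()     # IPs whose wp-login.php POST got a 302 (assumed success)
    uploads_php = []       # (ip, path) for PHP under uploads that returned 200
    unparsed = 0           # lines that did not match the expected format
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            unparsed += 1
            continue
        ip, path, status = m["ip"], m["path"], m["status"]
        bare = path.split("?", 1)[0]
        if m["method"] == "POST" and bare in LOGIN_PATHS:
            posts[ip] += 1
            if bare == "/wp-login.php" and status == "302":
                redirected.add(ip)
        if UPLOADS_PHP.match(path) and status == "200":
            uploads_php.append((ip, path))
    bursts = {
        ip: {"posts": n, "redirected": ip in redirected}
        for ip, n in posts.items() if n >= login_threshold
    }
    return {"login_bursts": bursts, "uploads_php": uploads_php, "unparsed": unparsed}


# Constructed sample log lines (documentation-range IP addresses).
SAMPLE = [
    f'203.0.113.7 - - [12/Mar/2024:03:14:{i:02d} +0000] '
    '"POST /wp-login.php HTTP/1.1" 200 4521 "-" "Mozilla/5.0"'
    for i in range(6)
] + [
    '203.0.113.7 - - [12/Mar/2024:03:14:09 +0000] '
    '"POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [12/Mar/2024:03:20:41 +0000] '
    '"GET /wp-content/uploads/2024/03/cache.php?x=1 HTTP/1.1" 200 12 "-" "curl/8.0"',
    '192.0.2.10 - - [12/Mar/2024:09:01:02 +0000] '
    '"POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [12/Mar/2024:09:01:03 +0000] '
    '"GET /wp-admin/ HTTP/1.1" 200 9912 "-" "Mozilla/5.0"',
    'truncated or malformed line',
]

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

A burst followed by a redirect is the case to act on first: treat that account as compromised and reset its password before blocking the IP.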

Understanding Why and How WordPress Websites Get Hacked

There are a number of reasons why WordPress is hacked. The top three are:

  • Insecure Passwords: Every user of your site, along with your FTP and hosting accounts, needs a highly secure password.
  • Out-of-Date Software: Plugins, themes and your WordPress installation need to be updated regularly, whenever a new version is out. Without updates, you leave vulnerabilities for hackers to take advantage of.
  • Insecure Code: Low-quality WordPress plugins and themes can put your site at risk.

There are several savvy methods hackers use, and the techniques are improving all the time. As sites get safer, hackers get smarter and more creative. Here are just a few of the main routes that are taken to hack WordPress:

  • Backdoors: A backdoor hack bypasses all the traditional ways of getting into your site. The hacker may find a way in through hidden files or scripts.
  • Brute-Force Login Attempts: Automation is used to figure out your password and get into your site. The weaker the password, the easier it is to crack.
  • Cross-Site Scripting (XSS): This is a vulnerability that’s often found in plugins. Scripts are injected that let a hacker send malicious code to the user’s browser.
  • Denial of Service (DoS): If there’s a bug or error in the website code, the hacker can use those to overwhelm a site until it breaks.
  • Malicious Redirects: A backdoor is used to redirect your site.
  • Pharma Hacks: Rogue code is inserted into an out-of-date WordPress version.

10 Steps To Recover a WordPress Website That’s Been Hacked

If you’ve been hacked, do the following as soon as you can. Try to stay calm as you go through this list — panicking will only make it harder to work efficiently, and you could miss important steps along the way.

Put Your Site in Maintenance Mode

If you’re able to access your website and log in, put it in maintenance mode. You want to do this even if there’s nothing obvious that users will see when visiting your site. As you’re working on it, maintenance mode protects their devices and information, as well as keeps it under wraps that you’re dealing with a hack.

Find Your Backup

You’re going to contact your hosting provider in the next step, but sometimes, when a host finds out you’ve been hacked, they delete the site immediately to prevent further problems. That’s why you need backups of your site and database first.

If your backups are stored on the same server as your website, they’re likely gone once you’ve been hacked. However, consider checking these spots in case you have one saved there as well:

  • Your Backup Plugin: If you use a backup plugin, there’s probably a backup stored in the provider’s cloud service.
  • Your Cloud Account: See if you’ve manually saved a website backup to your cloud service, like Dropbox or Google Drive.
  • The Hosting Provider: It’s possible that the hosting provider you use has a backup of your site that you can still access.

Contact Your Host

Depending on the type of hosting package you have, your provider may be able to take the reins and handle a hack for you. Early on, contact your host to (a) let them know your WordPress website has been hacked and (b) find out what help they offer. If you’re not able to gain any access to your site at all, you may need the host’s help to get anywhere.

Reset WordPress Passwords

You won’t know which password was hacked, so it’s safest to change all of them ASAP. While you’re at it, reset any and all passwords associated with your WordPress, like your database, host and SFTP passwords. Also, contact admin-level users right away and have them change their passwords as well. Moving forward, aim to change your WordPress login every couple of months or so.

Update Everything

Make sure your WordPress installation, plugins and themes are all up to date. Doing this early on means that you may patch a vulnerability that the hackers initially got through. If you wait too long to do this step, you could go through the trouble of fixing your site only to have it hacked again through the same outdated plugin or theme.

On top of updating your plugins and themes, do the following:

  • Deactivate and delete anything you don’t use.
  • Are you worried that one of them is from an unreliable vendor? Deactivate and delete it.
  • Remove and reinstall any that you think may be giving you trouble. Or, better yet, remove the plugin or theme and then replace it with something else from the official directory.
  • Check the support pages for the themes and plugins you have installed. There may be recent comments from people who are having the same issue.

If you want to delete plugins from your SFTP instead of the WordPress dashboard, you can. Make sure that you delete the entire directory for the plugin, not individual files. You’ll look for wp-content/plugins/[plugin name] and delete the entire directory and everything in it.

You can do the same for unused themes by going to wp-content/themes/[theme name]. Keep in mind that if you’re using a child theme, you probably have two directories to retain so that your theme stays intact.

Remove Unnecessary Admin Accounts

Check through all of the site’s admin accounts and get rid of any that you don’t recognize or that are no longer relevant. For those who still need access to your site but aren’t admins, change their access level. Also, it’s a good idea to check with admins to find out if they changed their account details before you delete an account that’s actually legitimate.

Remove Files That Shouldn’t Be There

You’ll probably need a security plugin for this step. Running a site scan should alert you to files that are there but shouldn’t be. We’ve rounded up the six best WordPress security plugins for your site.
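As an added example (not from the original article and not a replacement for a security plugin's scan), the script below walks wp-content and reports two kinds of leads: PHP files inside uploads, and code files modified recently. It assumes that uploads normally holds only media and that a 7-day window is meaningful for your site; the sample tree, including the example-plugin and example-theme names, is constructed.

```python
import os
import tempfile
import time

CODE_EXT = (".php", ".phtml", ".js")


def scan_wp_content(wp_root, recent_days=7, now=None):
    """Return (php_in_uploads, recently_modified_code) as sorted relative paths."""
    now = time.time() if now is None else now
    cutoff = now - recent_days * 86400
    content = os.path.join(wp_root, "wp-content")
    uploads = os.path.join(content, "uploads")
    php_in_uploads, recent = [], []
    for dirpath, _dirs, files in os.walk(content):  # does not follow symlinks
        # True only for uploads itself and directories beneath it.
        in_uploads = os.path.commonpath([uploads, dirpath]) == uploads
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, wp_root).replace(os.sep, "/")
            lower = name.lower()
            if in_uploads and lower.endswith((".php", ".phtml")):
                php_in_uploads.append(rel)
            elif lower.endswith(CODE_EXT) and os.lstat(full).st_mtime >= cutoff:
                recent.append(rel)
    return sorted(php_in_uploads), sorted(recent)


def demo():
    """Build a constructed sample tree in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        old = time.time() - 30 * 86400  # 30 days ago
        sample = {
            "wp-content/uploads/2024/03/photo.jpg": None,
            "wp-content/uploads/2024/03/cache.php": None,
            "wp-content/plugins/example-plugin/example.php": old,
            "wp-content/themes/example-theme/functions.php": None,
        }
        for rel, mtime in sample.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            if mtime is not None:
                os.utime(path, (mtime, mtime))
        return scan_wp_content(root)


if __name__ == "__main__":
    for label, paths in zip(("PHP in uploads", "recently modified code"), demo()):
        print(label, paths)
```

Recent updates also change modification times, and timestamps can be altered, so treat the second list as a starting point for comparison against a clean copy rather than proof of tampering.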

Clean and Resubmit Your Sitemap

If your sitemap’s been hacked, it could have malicious links or foreign characters in it. Your SEO plugin should let you regenerate a fresh, clean sitemap. You’ll then have to submit that to Google via the Google Search Console. Let Google know that your site has to be crawled again.

This can take up to two weeks, so know that the search warning may not be cleared until then. To check if your site’s back in good standing, you can go to this URL: http://www.google.com/safebrowsing/diagnostic?site=http://yourwebsite.com/

Reinstall WordPress Core

When nothing else seems to work, the only way to repair your site when WordPress was hacked is to reinstall it entirely. You can do this through the admin dashboard or through your file manager.

Clean Out the Database

Lastly, clean out your database. Your security plugin should be able to tell you if the database was compromised, and it may also be able to clean it out and optimize it.

How To Prevent Getting Hacked in the Future

We know you never want to go through this again. Here’s what you can do to prevent your WordPress site from being hacked in the future.

Set Secure Passwords and Two-Factor Authentication

If you haven’t done this already — or if you did but you rushed because you were panicking — make sure that all of the passwords for your site are strong. Then, add two-factor authentication to your site, which will make it tougher for a hacker to create a false account.

Use a Security Plugin or Service

We’ve mentioned this so many times already that you’re bound to know by now that you need a security plugin for your site. The biggest benefit to this type of plugin is that it will alert you if there’s an issue so that you can take preventative steps before it gets out of hand.

Need even more protection? There are security services that will monitor your site for you and fix any issues that arise. And if you are hacked again in the future, they’ll handle all of the troubleshooting steps for you.

Keep Your Website Up to Date

Everything on your site should be up to date, from the WordPress version to any plugins and themes you have installed. Updates usually have security patches, so leaving them out of date means that hackers can easily find their way in. If you’re not in your site regularly to perform maintenance, use an auto-updater to handle it for you.

Use SSL On Your Website

SSL is standard with most hosting packages, and it adds another layer of security to your site. Check with your host to see if SSL is included. If it’s not, you can install a dedicated SSL plugin, or check if your security plugin includes it.

Use a Firewall

A firewall acts as a bouncer between your site and the rest of the world, blocking anything dangerous before it has the chance to cause a problem. You can use a security plugin or service, but first check with your host to see what type of firewall protection you already have.

Be Careful With What You Install

Only install plugins and themes that come from reputable sources — the official WordPress directory is your best bet. And even then, make sure that what you’re choosing has been tested with your version of WordPress. Avoid plugins and themes from third-party sites. If you must get one from somewhere other than the WordPress directory, research to find out if the vendor has a good reputation.

Clean Your WordPress Installation

Anything that’s hanging around that you don’t need anywhere should be deleted, including:

  • Files that you no longer use
  • Plugins that are inactive or active but unused
  • Themes that are inactive that you won’t use again
  • Old WordPress installations
  • Unused databases

Old WordPress installations are especially vulnerable. Often, your backups are kept in a subdirectory of your site. So while your main website may be secure, a hacker can get in through those old installations.

Try to walk through this cleanup routine regularly, like every three months, to keep your website more protected against getting hacked.

Wrapping Up

When your WordPress website has been hacked, your site often isn’t available to your visitors, which could impact everything from your brand’s reputation to your income. Acting quickly and smartly is necessary to get your site back in working order. Then, the next most pressing matter is how to keep your site healthy and hack-free moving forward.

Luckily, many of the maintenance suggestions we’ve covered are no-brainers. You probably already know that stronger passwords and up-to-date plugins mean a healthier site, just to name a couple best practices. By following the advice in this article, you have a better chance of fixing your WordPress site after it’s been hacked and avoiding the same headache in the future.

The footer is a valuable space on your WordPress website. Utilized correctly, it can help visitors find what they need and stay on your website longer. The WordPress footer shouldn’t include anything and everything. It should be designed well and serve its purpose. In this article, we’ll look at 4 footer elements to include in your website’s footer.

1. Footer Elements: Contact Information

First, we’ll look at contact information. This type of information makes it easy for customers to talk to you and find your physical location. It’s often included in detail on a contact page but having some of the information in the footer is helpful. Shorter versions of this information are great for footer elements.

Basic contact information includes the email address, phone number, and address. For a store, you can add opening hours and other information. These are often added with individual text modules. Other modules add elements that make them stand out such as titles and dividers or styled borders.

Contact Form

Add a contact form so your visitors can reach you easily. Add the specific fields you want, but it’s best to keep it simple for the footer.

Social Media Follow

Social media follow buttons are ideal for almost any footer. Add your active social networks.

Map

Maps are great for providing directions to your physical location or the location of events. They’re easy to add with a Map module or plugin. They can be full-width or just take up a small column. Alternatively, you can add Google Maps HTML.

2. Footer Elements: Calls-To-Action

Next are CTAs. Calls to action are powerful footer elements. Adding a call-to-action to the footer gives you one more chance to push something important to your business goals. This can be an email subscription, membership, link to your shop page, a reminder to ask for information, etc.

Email or Newsletter Subscription

Adding an email or newsletter subscription is as simple as adding an Email Optin module or other form element.

Purchase Call to Action

Create a link to your online store to remind visitors where they can shop. The shopping CTA should be larger than most other links and stand out. They can be full-width or fit within one of the columns.

Project CTA

A project CTA can nudge the visitor into requesting a quote or contacting you for more information. They work best when they’re larger than other elements around them, but still keep them simple and clean.

3. Footer Elements: Links

Next, let’s talk about links. Links are some of the most popular elements we see in a WordPress footer. They work great as footer elements and they’re easy to add. They can link to pages, posts, comments, products, events, services, and lots more. There are several ways to create them.

Links to Pages

Links to pages can include specific products, legal information, about your company and team, your contact page, etc. It’s also good for links to pages that you don’t want to place in your primary menu. These links are usually created manually.

Posts and Products

Display a list of your latest posts and comments. You can also display WooCommerce products based on category, featured, hand-picked, or popularity. Add the proper widget to the WordPress widget area and then add them to your footer. Some themes offer a Sidebar module for that purpose.

Navigation Menus

Navigation menus look great when the links are stacked. You can add a stacked navigation menu widget to a footer area in your Widgets screen and then use a Sidebar module in your footer. This displays the navigation menu in a vertical stack.

Services and More

The footer is an excellent place to add links to your services, projects, portfolio, resume, case studies, events, etc. They work the same as regular links or you can highlight them with images or icons. Use only a few links rather than linking to all your projects and services.

4. Footer Elements: Company Information

Finally, we’ll look at company information. This is one of the most important of the footer elements. Often, this type of information doesn’t fit well anywhere else on the page. This also works as a summary of the information. This includes copyright, company mission statement, information about the company, photos of people or products, etc. Be sure to keep it simple.

Copyright Notice

The copyright notice usually appears at the very bottom of the footer. You can enter the year manually or dynamically.

Mission Statement

Mission statements can be powerful messages about your company. They’re especially important for companies, such as charities and churches, that help others and accept donations that need to build strong relationships with donors. Mission statements are easy to add with Text modules.

Branding

Adding branding, such as a logo, reminds visitors of who you are. Add a logo using an Image module.

Photo

Photos can be a great way to make yourself relatable to your audience. Add an Image module along with Text modules for your name or contact information. You can also add photos of your products or an example of your work. One or two small photos are all you need in the footer.

Testimonial

A testimonial can help build credibility. Add one with a Testimonial module/plugin. You can add more with a Slider module/plugin and set it to display one at a time. Keep them short.

Ending Thoughts on Footer Elements

That’s our look at 4 footer elements that can’t be missing from your website and how to add them. The details of the elements are up to you, but every footer needs:

  • Contact information
  • A CTA
  • Important links
  • Company information

These examples show one method of how to create these elements, but they can be created using other footer placements. There is a lot of flexibility on what these are and how you create them. Be sure not to clutter the footer area. Use borders and different background colors to separate the elements and footer sections. Building these 4 important footer elements will make your footer more valuable and useful to your visitors.