Help! My WordPress Site Has Been Hacked!

I am hearing this more and more these days. Partly on the WordPress forums, and also from clients that come to me and say “why does my site have these pharmacy ads on it?”

Even though it should be well-known, it doesn’t seem like there’s one spot for the resources that you need to go through to figure out if your site has been hacked, and what you can do to fix it if you have been hacked.

The first thing to do is to figure out if your site has really been hacked, or if it’s something else. The best service that I’ve found for this so far is Sucuri. They have a great free scanner that will tell you if they can detect any problems with your site:

http://sitecheck.sucuri.net/scanner/

If your site has been hacked, you need to start working your way through these resources:

http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Anything less will probably result in the hacker walking straight back into your site again.

Additional Resources:
Hardening WordPress
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

After all of this, your site should be back in working order. Of course, if you have problems after all of this, there are always other people that can help (and a small plug for myself in this category as well).

Oh, and remember – you should always have backups of your site! That way if the worst does happen, you’ll be able to restore your backup and keep on going.
