Last updated: November 7th, 2014
Hacking has always been a prevailing threat to any website. This unwelcome threat is often also experienced by WordPress blogs too. WordPress gives keen importance to securing all its blogs from hackers and any such threat that could be expected. WordPress has experienced hacking in different areas of its functionality like databases, plug in, themes, basic installations and many other areas.
Before we go about getting our WordPress fixed, always remember to make periodic backups to save yourself from any unfortunate loses. Getting to solve your problem, you will begin with recognizing the files that are infected by the virus. To do this you could take assistance from a tool that Cory had on his blog which helped me discover the date when my PC was attacked by a virus. In my case, the hacker uploaded a dodgy plug in which give the hackers control over my install as administrative users.
After identifying the core infected files, you will delete or uninstall them from your system and then change the password of your website or your FTP user name. Like backups, it is also advisable to change your passwords periodically so that even if you are hacked, the hacker will have less or no control. After that, the next thing that needs to be change is ‘MySQL’ password and username. Your third step is to update your wpconfig.php file. Now you will login to PHP My Admin and make backups on your database.
The day your system was hacked does not assure you that execution happened at the same time too, so you should chose a backup that was saved prior to the date hacking took place. I was unsure about the dates, so I preferred choosing the back up that was made soon after my last posts. You need to be sure about completing the above steps before moving on. The next step will restore everything but before that it will delete and clear everything out. This will be done by running the SQL statement which will be present in PHP My Admin in SQL field.
After this step you will go to the dashboard of your WordPress and upgrade it. If you miss out on this step, not to worry as WordPress will remind you to do so. Give your WordPress a new admin name and password which is completely different from the previous one. Give a check to the user list as a final step to see if someone is also mention in the admin panel. Like it is always been said “prevention is better than cure”, we will look at a few quick and easy precautions to save ourselves form going through all this hassle. All you have to do is make strong passwords and be careful not to assign admin user name as user admin.
About Author: David Rice is a content writer working and writing content for codemywp a reputed PSD to WordPress Conversion service provider in the Industry.