Posts Tagged ‘malicious code’

Did your site get hacked?

Sunday, May 13th, 2018

Before asking for help, you have to be sure that you aren’t crying wolf about a hack on your WordPress. In the past, several administrators have reportedly contacted anti-hack centres because of a suspected hack threat. However, your WordPress may either be misbehaving due to spam messages. There is a huge distinction between a hack and a malfunctioning site.

Signs that your site has been hacked

  1. When either the header or footer of your WordPress contains illicit ads. Such ads are about drugs or pornography. The penetrators of this act inject such pages without any presentation. Therefore, the ads may be invisible to the human eyes because it takes the semblance of dark text on a dark background. Fortunately, search engines can spot these.
  2. Using example.com as an instance, replace the handle with your site name. Then, paste in the Google search box. If you find malicious contents that aren’t recognizable, your site may be in trouble.
  3. When your audience send reports for spams or are redirected to a malicious website. This can be tricky because perpetrators can recognize you as the site administrator and probably hide the malicious content from you. The spam messages are only available to site crawlers, hence open your site on another account.
  4. When your hosting provider detects spamming or malicious content, they will send you a report. For instance, you may be sent a report about a spam email that is linked to your website. The mechanism lies in the ruse of the perpetrator by redirecting people to their website, using your link as a host. This is because your WordPress link, unlike theirs, can avoid spam filters.

There are many websites on the Internet that can detect such hacking problems. Therefore, research and attention are important tools to surmount the problem.

The importance of backing up your site

The first confirmed sign of a hack should urge you to back up your site without fail. By using a backup plugin or FTP, you can download a copy of your WordPress content. The reason for backup is because it helps you mitigate the risk of losing data to your hosting provider that will most likely delete content of your site when they file a report. This is a standard process that protects other systems from the infectious content on your WordPress.

Website database back up

As this is a priority, your website database must be protected. On completing this step, you can proceed to the cleanup process since you have a replica of your site in your possession.

Just before you clean your WordPress, here are some rules

You will not lose data by deleting plugins, wp-content, and directory. When you reinstall these plugin files, WordPress has an automated system which detects deleted plugins before disabling them. However, you must delete the directories in bulk and not just corrupted files.

In the themes/wp-content directory, there is always a theme directory dedicated to the site. You can spare this file when deleting other directories. A rare case is the ‘child theme’ which is a duplicate of the themes/wp-content.

Files which hardly get new files are wp-admin and wp-includes. Thus, these are the first files to detect hacking because they are mostly empty. When you find something new, it may be time to pull a hack alert.

Also, WordPress has routine backup and installation modules. Usually, most backups can be found in an easily accessible subdirectory called ‘old/’. While your main site may be secure, hackers can break down your backdoor and infect the main site.

Therefore, installations on WordPress should never be left on the site. Upon hacking, they should be discarded immediately before the malware spreads.