5 things to do after a hack
Even if you try your utmost, chances are hackers will find a way to hack your site. Following our WordPress security article, I’ll show you five things you should do right after you find out your site has been hacked. Some of those things you should probably do before it even happens!
1. Understand what just happened
Your site has been hacked. There are a number of ways this can happen. It might be due to poor maintenance (more on that later), or due to bad plugins. Regardless of what the cause is, you’d better prepare yourself. Your website is on WordPress, and because of the huge user base WordPress has, hackers like WordPress as well. I think my personal website is under brute force attack a couple of times a day. Don’t even get me started on the site you are reading now. This isn’t an invitation, but please realize that hackers try to hack your website all the time. You are no exception.
Tony Perez did a webinar about how websites get hacked earlier this year.
A few signs that might lead you to believe you’re suffering a hack:
- Google has blacklisted your website;
- Google search result pages show “This site may be hacked”;
- Your host has disabled your site;
- Customers notify you via their local AntiVirus applications;
- Your website is not behaving correctly or generating odd errors.
There are some free tools available to help you in the process, like the SiteCheck Scanner and Unmaskparasites Security Scanner.
Knowing what happens and realizing that you are vulnerable is half the battle. Please read our WordPress security article and monitor your website at all times. On top of that, you might want to install a web application firewall and a local application security plugin.
2. Harden WordPress
There are a lot of things you can do, but at least address the following:
wp-config.php file and you can generate these here. Copy/paste in your wp-config.php file, save the file and step 1 is done.
By the way, you can also find these three immediate actions in the Sucuri Scanner plugin, as Post-Hack recommendations.
3. Keep your website up-to-date
Keeping your site up-to-date sounds like SEO advice: “Dynamic content makes your website rank better”. But please keep in mind that a healthy technical install really protects your website from hacks. Personally, I stay away from plugins without updates in the last two years. There is a reason WordPress.org tells you that. Hackers target vulnerabilities in older versions of WordPress. The version of your WordPress install is in your WordPress readme.html file (so remove that), and sometimes even right in your source code.
The bottom line is to keep both plugins and WordPress up-to-date at all times. Note that this advice goes for activated and deactivated plugins, as these are just as vulnerable. Make sure to update all of your software (after cleaning up your website) after a hack. This way you’ll have all the latest security updates, which makes you less vulnerable. Nevertheless, we find lots of sites running old versions of WordPress and plugins during our website reviews.
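To check your own site for the version disclosure described above (the readme.html file and the page source), here is an added example that is not part of the original article. The function name, the sample markup and the temporary web root are constructed for illustration; the patterns assume the default WordPress generator tag and feed generator element.

```python
import re
import tempfile
from pathlib import Path

# Places where a default WordPress install can reveal its version.
GENERATOR_META = re.compile(
    r'<meta\s+name=["\']generator["\']\s+content=["\']WordPress\s+([\d.]+)', re.I)
FEED_GENERATOR = re.compile(r'<generator>[^<]*wordpress\.org/\?v=([\d.]+)', re.I)
README_VERSION = re.compile(r'Version\s+([\d.]+)')

def find_version_leaks(html, docroot=None):
    """Return sorted (location, version) pairs; version is '' if not stated."""
    findings = set()
    for match in GENERATOR_META.finditer(html):
        findings.add(("generator meta tag", match.group(1)))
    for match in FEED_GENERATOR.finditer(html):
        findings.add(("feed generator element", match.group(1)))
    readme = Path(docroot) / "readme.html" if docroot else None
    if readme and readme.is_file():
        text = readme.read_text(encoding="utf-8", errors="replace")
        match = README_VERSION.search(text)
        findings.add(("readme.html in web root", match.group(1) if match else ""))
    return sorted(findings)

# Constructed sample input (not captured from a real site).
SAMPLE_PAGE = """<html><head>
<meta name="generator" content="WordPress 4.5.3" />
<title>Example</title></head><body>Hello</body></html>"""
SAMPLE_FEED = "<rss><channel><generator>https://wordpress.org/?v=4.5.3</generator></channel></rss>"

def demo():
    """Run the audit over the constructed samples and a temporary web root."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "readme.html").write_text("<h1>WordPress<br /> Version 4.5</h1>")
        return find_version_leaks(SAMPLE_PAGE + SAMPLE_FEED, root)

if __name__ == "__main__":
    for location, version in demo():
        print(f"{location}: {version or 'version not stated'}")
```

Deleting readme.html clears the last finding, as the article advises; the meta tag goes away with `remove_action('wp_head', 'wp_generator');` in a theme or plugin.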
4. Restore a backup after the hack
Valentin Vesa of Sucuri pointed me to this when discussing the subject with him. Create a backup strategy. Please don’t be the guy that installed Backup to Dropbox or Backup Buddy and has never restored a backup. Make sure you can. Monitor your backups. Store your backups offsite. Plus, you have to test your backups now and then, to make sure all is right.
Solid backups make it possible to quickly restore your website after a hack. It might cost you a few updates, but at least you’ll keep your site up and running. After restoring a backup, follow up on advice number three of this list and make sure to update your WordPress install and all of your plugins.
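One way to test a backup before you need it, as an added example that is not part of the original article: it assumes the backup is a .tar.gz holding the site files plus a .sql database dump, which is an assumption about your backup tool's layout. The function names and sample archives are constructed.

```python
import io
import tarfile

def check_backup(archive_bytes):
    """Return a list of problems in a .tar.gz backup; an empty list means it passed."""
    problems = []
    try:
        with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:gz") as tar:
            members = tar.getmembers()  # walks the whole archive, so damage surfaces here
            names = [m.name for m in members]
            for member in members:
                if member.isfile() and member.name.endswith(".sql"):
                    sql = tar.extractfile(member).read().decode("utf-8", "replace")
                    if "CREATE TABLE" not in sql:
                        problems.append(f"{member.name}: dump has no CREATE TABLE")
    except (tarfile.TarError, OSError, EOFError) as exc:
        return [f"archive unreadable: {type(exc).__name__}"]
    # Entries that would land outside the restore directory when extracted.
    problems += [f"unsafe path: {n}" for n in names
                 if n.startswith("/") or ".." in n.split("/")]
    if not any(n.split("/")[-1] == "wp-config.php" for n in names):
        problems.append("wp-config.php missing")
    if not any("wp-content" in n.split("/") for n in names):
        problems.append("wp-content missing")
    if not any(n.endswith(".sql") for n in names):
        problems.append("database dump (.sql) missing")
    return problems

def build_archive(files):
    """Build a .tar.gz in memory from {path: text}; used for the constructed samples."""
    buffer = io.BytesIO()
    with tarfile.open(fileobj=buffer, mode="w:gz") as tar:
        for path, text in files.items():
            data = text.encode()
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buffer.getvalue()

# Constructed samples: a complete backup and one with an empty database dump.
GOOD = build_archive({"site/wp-config.php": "<?php // config",
                      "site/wp-content/index.php": "<?php",
                      "site/db.sql": "CREATE TABLE wp_options (option_id INT);"})
BAD = build_archive({"site/wp-content/index.php": "<?php", "site/db.sql": ""})

if __name__ == "__main__":
    print("good:", check_backup(GOOD))
    print("bad:", check_backup(BAD))
```

A passing check only shows the archive is complete and readable; a full test still means restoring it to a staging site and loading the pages.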
5. Don’t try this at home
Don’t take security lightly. In most cases, it’s a trade of its own. You are probably not the most capable person to take care of it. Webmasters, web agencies, and business owners have other qualities that matter. If you hire a security company like Sucuri to take care of your website security business, you can focus on the things you are good at.
And yes, quality security services cost money. But think of all the time you are saving not having to worry, or dealing with a hack yourself. To make it even better for you, Sucuri has a nice offer for our readers:
A 25% discount if you purchase a complete security package of Website AntiVirus & Firewall (basic) and pay for a year upfront (currently $199.99 / year). This also goes for any of the higher Firewall plans as long as the payment is made for the year up front.
Use coupon code YOAST252016 at checkout and get a 25% discount
All the more reason to prevent your site from being hacked, instead of dealing with security after the hack is already done!
This article was written with the help of our good friends at Sucuri.
Thanks, Valentin and Tony!