A WordPress website infection, or as some may call it a hacked site, can be one of the most frustrating things you encounter. Most website hosts will identify the infections and either inform you about them or inform you about them and shut your site down. They will not provide any infection or hack clean up services. They will tell you to perform the clean up yourself or seek out a developer to help you. Now for the average WordPress user this really bad news because while they try to figure it all out, their website may be down or piling up with more infections and possibly corrupting their content.
So in an effort to save your sanity, we have come up with a list of 5 things you should do immediately when you get word or insight to a WordPress Infection.
STEP #1 – STAY CALM & COOL
This is probably the most important step. You really want to no freak out. We have seen some of the messiest WordPress Infections ever and there always was a happy ending. Now if you are reading this and you do not have a good website backup plan in place, please do that right now. It is so important to make sure you have a running backup of your site to remedy many things that can happen including an infection. not sure what to do, we can do it for you at THIS LINK.
STEP #2 – CHANGE ALL PASSWORDS
There is a huge chance that once of the login credentials used for your site and or server was compromised. This is not only the administrative login to the back-end of WordPress but also your hosting account control panel or FTP account. Change these right away so you can stop the wrong type of users from logging in and reeking havoc on your site. You can also check to see if you have any users registered on your website that should not be there. If you notice additional users that don’t belong, delete them and all their content immediately.
STEP #3 – CONTACT YOUR HOST
That’s right, ask your host for as many details they can give you about any infected files. Main thing is where they are located on your hosting account. Your host has access to server scanning tools that you do not and they can track done the infections for you which will make it easier to remove. Remember that you pay your host to serve your website to the world, so put them to work in crisis like a WordPress Infection.
STEP #4 – SCAN YOUR COMPUTER
Sounds like an odd step but we assure you that many infections that get injected into WordPress sites come from the computer of the site owner. Now hopefully you have a decent malware/virus scanner on your local computer. Run it and remove anything that is found to be harmful. If you do not have software to do this, you can get some for free at THIS LINK.
STEP #5 – GET DOWN & DIRTY
Alright, you have made it through steps 1-4 and now it’s time to get into the nitty gritty of the clean up process. This step actually requires an entire article it self because there are many different variables which determine the plan of action. For example, some infections will corrupt your site so bad that you can not access it or the host has removed access to it. Other infections will be subtle and hidden from some infection scanning tools which then require some more advanced Sherlock Holmes skills to drill down, isolate and remove the infection.
Remember that your ultimate goal is to find the infected files and do 1 of 3 things:
- Clean the file out
- Delete the file if not needed
- Replace the file with a fresh & clean version