What happens when you find out your website has been hacked? The short answer is that someone has to clean up the mess, and make sure the hacker doesn’t just get back in the same way. The web development site Smashing Magazine has a good article that asks, “Are You Prepared Against A Hack?“, though the content of the article is really a recovery plan. Even if there are no visible signs that your site has been compromised, you’ll want to have it cleared because your search rankings will suffer. Some site visitors may see large ominous-looking warnings before they enter your site, and will report that they can’t get to it.
The linked article includes some great advice and a number of technical recommendations that include using command-line instructions on your web hosting account. You may not have command-line (aka shell) access enabled on your account, and will need to configure it in cPanel or by asking your friendly neighbourhood web host to enable it for you. The list of steps in the article is not exhaustive, but should help clear out the vast majority of issues — and you may even find simpler methods. If you catch it early enough, simply restoring a site backup may even be an option.
An Ounce of Prevention is Worth a Pound of Cure
One of our favorite blogs recently posted About WordPress Plugin Vulnerabilities and How to Address Them. This takes a proactive approach to help keep your site from becoming infected in the first place. By following reports of the latest vulnerabilities and keeping your website software up-to-date, you can avoid all but the most persistent hackers. And, of course, make sure you’re using a strong password.
There are a number of steps you can take to “harden” your WordPress site as well, to make it as difficult as possible to hack, and to limit the types of damage that can be done even if it is exploited. Many of these steps can be tackled by a few of the best WordPress security plugins, as well as regular scans and monitoring of your site. There’s a lot to cover in that subject, so it’ll need to be left for another time.
Take the Easy Route
The simplest and most effective task for most business website owners is to simply pay someone else to worry about all this. Look for managed WordPress hosting that includes these features, and you can rest easy knowing someone else has your back, so you won’t have to learn how to do all these things under the pressure of having been hacked.