“Help, my WordPress has been hacked!”

Nothing is worse than the feeling you get when you visit your website only to find a huge Google warning that says “Warning: This site might hurt your computer”! The first time it happened to me I wanted to cry. I had worked so hard at getting my site indexed and ranking well and I thought I had lost everything to a hacker.

Once I got over the initial shock, I found it was fairly simple to work through.

What to do if your WordPress has been hacked:

1. The first thing you need to do is prevent any users from coming to your website. You don’t want to inadvertently infect any of your visitor’s computers. Fixing the hack is usually easy and fast but in the meantime you must take care. Create a simple index.html file stating the site is temporarily closed for maintenance and FTP it into the root directory. (don’t forget to delete this once the site is fixed)
2. Next you want to go to Google Webmaster Tools and remove any URLs that contain the malware.  http://www.google.com/support/webmasters/bin/answer.py?hl=en&answer=164734&rd=1 Don’t worry, you will get theURLs re-indexed when the cleanup is completed.
3. 9 times out of 10 malware can be easily be removed by deleting your current corrupted blog theme and reinstalling a clean one. Use your FTP client and navigate to wp-content/themes and just delete the folder that contains your theme files. Once it has been deleted, you can upload a clean version of the theme.
4. If installing a clean version of your theme didn’t do the trick, the next place to look is your plugins. In your FTP client, rename your plugins folder plugins.bak and create a new plugins directory. Once you have done that, check to see if it fixed the problem. If it did, then delete the plugins.bak directory and do a clean install of all of your plugins.
5. If none of the above works, then you may have to do a database restore from a backup file. This is exactly why it is important to do frequent backups of your database. If you are unsure how to do a database restore, you should contact your web host. They should be able to remove the database and restore the site with their own backup of your site.
6. If all else fails, you may need to do a fresh install of your WordPress.

Once you have the site cleaned up, you will need to go into Google Webmaster Tools and submit your site for reconsideration. This is easy to do and usually results in your site being re-indexed within 24 hours. Oh, and don’t forget to change your password!

How to prevent WordPress from getting hacked again

Because WordPress is an Open Source software and many different developers create themes and plugins for it, there are sometimes opportunities for hackers to find a way in the back door and place MalWare or destructive code into your blog.

There are many ways you can protect WordPress from future hacker attacks.

1. For starters, never use the default “admin” as your log-in username and make your password secure. It might be easier to remember a blog123 password, but it is also pretty easy for a hacker to figure that out. Use at least 8 characters with both upper and lower case, numbers and punctuation.
2. Install a firewall plugin. This will prevent anyone from being able to alter your code or upload files to your server. WordPress Firewall 2 is a free plugin that I recommend.
3. Next, install a Security Scan or Malware Scan plugin. WP Security Scan by WebDefender is a very good choice. This plugin will help you create backups and change the file names of the most commonly hacked files.

If you make your WordPress security more difficult for a hacker to easily tap into, they will not waste their time on your site as there are thousands of other sites that are much easier for them to get into.

Tags:

• wordpress hacked 2012
• wordpress hack 2012
• wordpress hacked
• wordpress hacks 2012
• warning hacked
• wordpress hack
• youve been hacked
• word press hack 2012
• wordpress site hacked 2012
• how to clean hacked wordpress 2012

Technorati Tags: best wordpress security plugins, featured, how to protect your wordpress from hackers, my wordpress has been hacked, warning this site may harm your computer, what to do if wordpress is hacked, wordpress security plugins

Related posts:

1. WordPress Tutorial – How to Install a WordPress Plugin