Why do WordPress websites get hacked?
The main goal of a hacker is to spread spam or malware. In addition, a hack can be intended to let visitors download malicious software. In this way, the hacker gains access to important personal data, such as credit card details or addresses. Websites are also hacked to place unseen links to affiliate websites. There are several reasons why a WordPress website can be hacked, but it often has largely to do with maintenance of the website that is not carried out, or not carried out properly. These are the most common cases:
Many people underestimate the importance of a strong password. The most commonly used password in the world is “password”, so you can imagine how easy it is for a hacker to break in with it. Secure passwords are required for the WordPress administrator account, as well as for all users and all aspects of the website (including FTP and hosting).
Unreliable plugins and themes can make your WordPress website vulnerable because of hidden hacks in the code. So never leave unused plugins and themes installed; remove them from your WordPress right away. If you buy premium themes or plugins, always check the reviews first. Also, never install nulled plugins. These are premium plugins offered on free websites, and they are designed for the wrong purposes, such as collecting personal information.
Out-of-date software
When your WordPress, plugins and themes are not regularly updated, your website is also vulnerable. Every update contains new security fixes, so make sure that your WordPress website is always well maintained.
How is WordPress hacked?
WordPress websites can be hacked in a variety of ways. Often it happens with automated tools that require little programming knowledge. Here are the most common ways hackers can get into your website:
Denial of Service (DoS)
Errors or bugs in the code are used to stop a website from functioning.
Cross-site scripting (XSS)
Through a script, a hacker sends malicious code to the user’s browser.
Brute force attack
Through automation, hackers misuse weak passwords to gain access to WordPress websites.
Backdoors are used to add malicious redirects to your website.
Hackers inject malicious code into an outdated version of WordPress.
What are the characteristics of a hacked website?
The aforementioned hacks sound quite serious and perhaps like something that only happens to others, which is why we also explain how you can recognize that your WordPress website may have been hacked. If your website is behaving differently than usual, that’s usually not a good sign, although it does not necessarily mean that you are dealing with a hack. Therefore, check the following signals to determine whether it is actually a hack:
You can’t log in anymore
Everyone sometimes forgets the password to log in, or makes a typo when entering the password. So first try to reset your password. If this does not work, there is a chance that your WordPress website has been hacked.
Your website has changed, while you have not made any adjustments
If your website suddenly looks completely different, then that is suspicious. In the first instance, check with all people who have access to your WordPress website whether they have made adjustments that you are not aware of. If that is not the case, but changes have taken place such as an installation of a different theme or unknown content on certain pages, then that may indicate a hack.
Your website redirects to another website
Some hackers use a script to redirect your visitors to one of their websites. These are usually not trustworthy websites.
You receive a warning from your browser
When you try to access your own website and you receive a warning from your browser, it may be due to faulty code in a theme or plugin or certain problems with domains or SSL. Consult the advice given and try to find out if the problem is caused by a hacker.
You receive a warning from Google
It may happen that Google gives a warning with “this website may be hacked” if you search for yourself in the search engine. This could mean that the sitemap of your WordPress website has been hacked, and that in turn affects your ranking in the search engine.
You receive a warning from your hosting provider
When your hosting provider detects strange activities on your WordPress website, they will warn you about it. Be sure to take these warnings seriously, but beware of spam emails!
Solution for a hacked WordPress website
Now you know the characteristics of a hacked WordPress website, but what should you do if your WordPress website seems to have been hacked? Because there are different kinds of hacks, there are also different ways to solve them. In any case, go through the following steps:
- Collect all information
List all the problems and errors of your WordPress website, so that you have an overview of all defects. This way you can search more specifically for the right solution for your hacked website.
- Contact your hosting provider
Before you start doing everything yourself, it is wise to first contact your hosting provider. They can often act quickly and support you with the hacking problems. This help is not always free, so keep that in mind or inquire about the costs.
- Restore a backup
Have you backed up recently? Maybe that’s your salvation! Be aware that the content you created after the backup will be lost. After restoring the backup, change all passwords! That means not only your WordPress password, but also the passwords for FTP and for DirectAdmin.
Don’t have a backup? Check out our service, WordPress Backups. Or if you want to do it yourself, check out our blog here.
- Scan your website for malware
Remove all inactive themes and plugins to get rid of the hidden hacks. Then scan your website and remove any malware. You can do this through various free plugins.
- Check the user roles
Check via ‘Users > All users’ which users have access to your WordPress. Are there people here who no longer use your WordPress? Then remove them. Also check all assigned roles per user. It is often not necessary to give everyone the role of ‘administrator’. Then set a new strong password for each user.
- Change the ‘secret keys’
In the wp-config.php file you can find the ‘secret keys’ of your WordPress installation. After a hack, it is best to replace these values with newly generated ones. Via WordPress.org you can generate new secret keys.
- Change all passwords
Change all passwords again, with an emphasis on all. We’ve already mentioned it a few times, but it’s really important not to change just the WordPress password. Also change the FTP password and the password for the control panel of your hosting provider.
What to do if your website has been hacked? Review the steps above. If it all gets too complicated, call us in. We have experience with this and know exactly what hackers do. You can reach us by starting a live chat or by calling us on 030 20 72 488. Our WordPress specialists are happy to help you.