With the Covid-19 virus crushing millions of businesses, there are reports of increased hacking activities, targeting a wide range of online properties. The worst cyber attack of 2020 reported nationally was the case of Russian hackers infiltrating US government agencies.
Small businesses and personal online businesses have also been affected sporadically. It does not matter how big or small your business is when it comes to being hacked. Any hack is a threat to a larger ecosystem of online businesses and should be taken very seriously.
My site(s) were hacked in the past because I was not very mindful and did not do the right things to prevent it & I wrote about 6 easy steps that you can take to stop or at least be alerted as soon as suspicious activities are seen on your websites.
In case your WordPress site gets hacked unfortunately, you can look at these tips below to try and quickly get back online. I have been hacked several times in the past 10 years and have learnt the hard way and every time I get hacked, I find out some newer things to do going forward.
5 things you can do to recover your WordPress site if you get hacked
Step 1 to recover your hacked WordPress site – finding that backup: Look for the last backup on your computer or laptop .Backing up a WordPress site is very easy and yet most of us do not do it religiously. There are numerous plugins to help you do that. If you are not comfortable with using plugins to back your site up, you should Export (you can find this on your WordPress Dashboard under Tools) your content and download everything that is in the Uploads folder in your WordPress installation.
Do not load this up yet because you do not know how widely or badly your domain has been affected. But while you have the XML file and the Uploads folder with you, its best to run a local scan on these just to ensure that nothing in these files have been affected or has malware in them either.
In case you cannot locate your own backup files, you should reach out to your domain hosting service providers requesting for their last backup. I never had to use this service, so I really do not know how long it takes or in what ways they provide these backup files.
What not to do: Your files on your hosting server may be infected, so do not try to download any of your files or Export the blog from the Tools section once you know you have been hacked. Doing so will only make things worse by possibly infecting your home computers and also when you re-load these files back to recover your website, you are likely to bring the malware back again.
The only file you can download if you must, is the wp-config.php file because it has critical information on your content database.
Step 2 to recover your hacked WordPress site – Comparing files: Investigate the extent of the damage on your domain from the backend using a FTP software (I use open source FileZilla). For this you need to download the latest version of WordPress & extract the files on your computer. This is a visual check and you can match up file-name by file-name, file-size by file-size, folder by folder (except for the Content folder). In all possibility you would find additional files on your host – some of them are legit and others could be malicious.
For example, you are likely to have a sitemap.xml on your hosting server and not on the downloaded WordPress folder because you created and added the sitemap.xml file after you installed WordPress and sitemap.xml is not a core WordPress file but has to do with your content and your work. Another example are files like robot.txt and ads.txt and verification files from various search engines like Google, Bing etc.
What not to do: Do not try to rush or skip any process to make it easy or fast. This is a very painstakingly slow process. If you are unsure of any file, try to download a copy of the file and view its content (there is a risk in this of infecting your home computers). If you notice unusual code, complex code that you cannot read or ASCII code in there, its likely that you do not need this file.
Also, do not copy anything from the Plugins folder – you can always download plugins again and although you may lose the past data, it may not be worth the risk.