My blog was recently hacked. I’m actually surprised it didn’t happen sooner – I’ve been blogging for four years now, and unfortunately this is something that happens quite often. I learned about the problem when I tried to access my blog, and instead reached an alarming red screen where I was informed by Google that my blog is distributing malware and has been delisted from Google’s listings.
A near-heart-attack experience, for sure. But I survived, my blogs have survived, and here’s what to do if it happens to you:
1. Clean up your blog. Go to Sucuri.net and sigh up for the plan that fits your particular situation. For one affected site, you pay $90 per year. This includes the initial cleanup, and then constant monitoring, and future cleanups as needed. My experience with this company was very good – I have several websites so had to sigh up for the business account, and I’m glad I did because the malware was already starting to spread to another blog I own. They cleaned up everything within an hour.
2. Change FTP password. Once Sucuri notifies you that your site has been cleaned up, immediately change the password you use to access your site via the Control Panel or via FTP.
3. Change your WordPress password. Change your WordPress administrator password. The hackers probably have the old password.
4. Clean up users. Check to see if there are other admin users in addition to you. Do they need to have access? If not, remove them. If they do need access, change their passwords as well.
5. Update WordPress. Update your WordPress installation to the latest version. Sucuri told me that most hackers hack WordPress blogs with an old WordPress version, so it’s very important to keep your blog updated. Even if it’s already updated, Sucuri recommends to click on “Reinstall” and overwrite all core files with a clean version.
6. Upgrade your plugins. First, get rid of plugins you don’t really need. Next, upgrade all plugins to the latest version.
7. Install a security plugin. Install the Sucuri WordPress plugin. It will add an extra layer of security to your blog.
8. Back up! Perform a backup of your blog, and schedule future regular backups. I use the Backup Buddy plugin.
9. Clean up your computer. Your blog is now clean, but your computer might be infected, which could re-infect your blog. Run a virus scan on your personal desktop/laptop, to make sure everything is OK. Even if you own a Mac, admittedly less prone to viruses than a PC, it’s best to scan for viruses and malware.
10. Talk with Google. Go to Webmaster Tools. Click on the affected site, then on on “Diagnostics,” and then on “Malware.” Submit your site for review. Fill in the section for comments and let them know that your site was cleaned by Sucuri, and about all the other steps you have taken to make sure this does not happen again.
Next week: How to prevent your blog from being hacked in the first place.