WordPress sites are constantly under attack. I once read on a security blog that hackers can find your site before you even finish setting it up! They reported that new WordPress sites could be found and targeted by hackers within 30 minutes.

Why is WordPress such a target?

WordPress is the single most popular content manager and website builder out there. Many people who install WordPress do not update, maintain, or protect it.

WordPress is attacked because it is everywhere. If they attack one site, the hackers can use the same attack on thousands of other sites. If they find a weakness, they can exploit that weakness thousands of times over.

How do attacks work?

Hackers can target individual sites. However, through spyware and malware, hackers organize armies of drone computers to attack thousands of sites at once.

Of the thousands of sites they attack, they only need to get access to a few sites. Through sheer volume, they will eventually get access to some sites (hopefully not yours!).

Why? What’s in it for them?

Have you ever received a spam email with a link to buy male enhancement pills or cheap name brand watches or clothing? Those links all go to hacked sites.

Once the hackers get access to the site, they will either weaponize it to attack other sites (especially sites on the same server), or they will install malware or other scripts to lure unsuspecting visitors. They either want money from those users, or they want to infect those computers too.

We’ve also seen hackers use the hacked WordPress sites to send spam emails out by the tens of thousands.

In a nutshell, hackers use WordPress sites to scam and to spam.

What can I do?

Here are some steps you can take to protect your site from hackers:

  • Choose a reputable hosting provider!
  • Make sure your site is isolated from other sites at your hosting provider.
  • Once you start installing your copy of WordPress, DO NOT STOP until completely installed. If you stop midway the installation process, a hacker could take over and complete the process for you, installing their malware without you knowing.
  • Use STRONG passwords and uncommon user names. Don’t use your site name or “admin” as a user account, and definitely not as a password.
  • Change your passwords often and delete any unused accounts.
  • Use a 2F (Two Factor) authentication plugin.
  • You can even install a plugin to change the login page.
  • Backup your site and database daily! If your site gets hacked, you want to make sure your backups are somewhere safe, so backup offsite or download your backups manually. Keep several weeks worth of backups if you can.
  • Use a security plugin like Wordfence or Sucuri. These plugins will monitor your site and alert you to any suspicious activity. They will also block certain kinds of attacks and help you fix problems if they should occur.
  • Use a firewall like Sucuri or Cloudflare to hide your site’s true location. This helps keep hackers out because they wont’ be able to find your actual server.
  • ALWAYS keep your plugins, themes, and WordPress version up to date.
  • Finally, remove any unused plugins or themes.

What if I’ve already been hacked?

We’re definitely sorry to hear that! Hopefully you have backups. Every attack and installation is different.

In an ideal world, you would just delete the infected files completely and restore your site from a clean backup.

Once you regain access, change your passwords IMMEDIATELY.

Install Wordfence and scan your site for problems. We recommend buying a license so it can better protect your site.

If you don’t have a backup, you’ll need to install a clean copy of WordPress and point it to your site’s database. Then reinstall your plugins and themes. Do not keep any of the files from your hacked site other than known media files. You may end up rebuilding your site from scratch.

You can also call in a professional to repair your site. There’s no shame in that.

Once your site is repaired, please follow the directions above to keep your site protected going forward.

We’re here to help!

If you’ve been hacked, or have any other questions, feel free to contact us and we’ll be happy to discuss your particular situation.