KozBlog

Rants by a Melburnian

You are here: Home / Software / Hacked WordPress | What Next?

Hacked WordPress | What Next?

... SHARE THIS
Google+0

If you haven’t heard, hackers are once again targetting WordPress web sites but they have a new way in.

This time round, they are trying to get in via your WordPress Admin area.  In millions of cases, hackers already know two key elements about your login:

* Now, how did we know your username was ‘admin’?  By default, it is the username assigned during a WordPress installation and setup process and subsequently, billions of WordPress sites have the same username = admin.  SO, all the hacker has to figure out is your password and they are in.

The bad news is a hacker may have been in already.  We are seeing thousands of cases where a hacker gets in, has a snoop around, adds somne backdoor files without anyone knowing, and then comes back weeks, sometimes months later via the backdoor file they left earlier.

OK, firstly, if your site was hacked and the message you see is Hacked by Hacker, then see Hacked by Hacker Fix for our 2 minute fix.

If your username is ‘admin’, then you need to change it, and change it NOW!  Heres how..

To rename your WordPress ‘admin’ user:

  1. Sign in as ‘admin’.
  2. Create a new user using the steps below.
  3. Choose a hard-to-guess username, but don’t make it so difficult that you’ll forget it.
  4. Make that user’s role “administrator”.
  5. Choose a password that has upper and lower-case letters and numbers in it. Symbols are OK too.  
  6. Click “Add new user”.
  7. Sign out as ‘admin’. 
  8. Sign in as the new user.
  9. Delete your old ‘admin’ user and assign all posts/pages/comments to your new admin user. 

Congratulations, you now have a more secure WordPress web site.

Finally, do you want to know if a hacker has been in without your knowledge?  Do you want to secure your web site against attacks in the future?

Here are 3 steps you must take to find out and secure your web site so it does not happen in future.

  • Security Plugins | there are free and paid versions
    WP Security Scan (websitedefender) is free and will scan your web site for bad and weak files
    In fact, if you search plugins for ‘websitedefender’, there are 3 free plugins that will go a long way towards securing your web site
  • Security Plugin | Paid
    WordFence is very very good.  Lots of advice, and regular mail advising you of risks.  Its a small price to pay for peace-of-mind.
  • TimThumb has been a vulnerability for a while now. It is often installed with graphic related plugins and some themes, so you will want to know if it is installed and then how to secure it so you are not at risk.  Search plugins (add new) for TimThumb Vulnerability Scanner.

Sometimes I get emails from web site owners who have already been hacked (thank you).  Every hack is different and usually by a different hacker.  So, we start with a mini investigation before advising how to proceed.

Often, a WordPress web site can be unhacked and fixed in a few minutes (like Hacked by Hacker Fix).  Sadly, with other hacks, multiple files are affected and a reinstall is required.  Another part of the unhack process requires checking to make sure that the hacker has not left time bombs behind that come back to bite you later. 

Either way.. drop us a line and tell us your problem and we’ll work with you to try and fix it.

Cheers

KOZ