<img alt="" src="https://secure.leadforensics.com/791786.png" style="display:none;"> How to Fix and Secure a Compromised WordPress

SmartBug Media® Acquires Globalia, Inc., Solidifying Its Position as the World’s Largest, Deepest and Most Decorated HubSpot Partner With Solutions for the Entire Customer Lifecycle. Read the Press Release !

©️️ Globalia, 2024. All rights reserved.  Privacy policy.

How to Fix and Secure a Compromised WordPress

Comment réparer et sécuriser un WordPress compromis

Do you think something is wrong with your WordPress site? Has Google blocked visitors to your site? Do you see spam content or malicious advertisements (malvertising) on your site? Is it working abnormally? Or maybe you even lost access to your WordPress admin panel?

If you are reading this, you have probably already noticed a problem and want to secure a WordPress. Ideally, all sites take steps to protect against intrusion, such as installing a security plugin. Unfortunately, even the best preventative measures can fail. If you think your blog has been hacked, there are steps you can take to confirm, find, and potentially fix the problem.

Ce que les pirates font avec des sites WordPress compromis

Make sure your plugins are up to date

Outdated or discontinued plugins are the cause of over 55% of WordPress hacks. Plugin developers release updates for three main reasons:

  1. Improve or add functionality;
  2. Support a new version of WordPress;
  3. Fix security vulnerabilities.

Even if a plugin is disabled, its files are still present on the server and may allow someone to access your site without your consent. To secure a WordPress, get rid of anything you don't use, or at least keep it up to date and only download plugins from reputable sites.

Use Complex Username and Password

More than 15% of WordPress sites are compromised due to an overly simple username and password combination. A good way to prevent this problem is to use a more complex password. Sites with easily guessed usernames (ex: admin, user, etc.) and common passwords (ex: password, admin1234, 123456) are very easy to compromise.

You should take a look at all the accounts that have access to your website or who can edit the content of your pages. Then make sure their passwords aren't easy to guess. You can test the strength of your password.

Woman hand typing on keyboard with secured lock concept around

Scan your Site

There are several methods to scan your WordPress site for malicious files. They can provide more or less identical results. I recommend going through each of them to be certain:

  • Install Wordfence Security (which is free) and run a scan. Wordfence will identify any files that have changed, need updating, or may contain malicious code, and provide you with the information you need to fix them right in your admin panel.
  • Visit isithacked.com for a free scan. You can also set up monitoring to notify you if your site shows signs of infection for free. 
  • Finally, ask your agency to scan your site for infected files. These experts will be able to help you solve this problem in more depth and give you advice on what to do next. Make sure you have as much information as possible to make their job easier. Here are some helpful questions:
    • Can you log in to your WordPress admin panel?
    • Does your WordPress site redirect to another website?
    • Does Google mark your website as insecure?
    • etc.

​​Pay Attention to the Signal your Web Browser is Giving You

If one of your visitors notices a warning in your browser, your site has probably been hacked and infected with malicious files. Google often removes compromised sites from search results for user safety.

In some cases, the site may still be listed, but it will be flagged with a message saying "This site can be hacked" or "This site can harm your computer". When you click on the website using Chrome, the browser displays a warning. The user who uses another browser may not receive any warning, which is why the warning is also included in the search results.

Your Customers are Allies to Secure your WordPress

Visitors visit your site more often than you do. If you have several thousand visits a day and your site is working abnormally, chances are a customer is contacting you before you notice the problem or Google detects the hack. Inform your agency immediately to take the necessary measures. You should also consider putting your site into maintenance. Listen to your users, their experience of the site may be different from yours. Users often pay closer attention to advertisements, details, and content on your website and may notice things you wouldn't normally see.

The best - and easiest - prevention is to visit your site regularly. If you notice changes or non-authored text on your pages, you should immediately perform an analysis on your site. PHP errors are also a common sign that the site may have been infected and these often appear at the very top of your page, often above the content. As a general rule, just visit a few pages on your own site to check the consistency of information at least once a week or month.

If your users are reporting issues that you can't explain or if your WordPress site starts working abnormally, don't put your head in the sand. Anything on the internet can be hacked or compromised, no matter what kind of security you have in place, and it happens more often than you might think. Even if everything is fine with your site right now, take 20 minutes and follow these steps to make sure your site is safe and free from threats. If you have any questions regarding the security of your site, do not hesitate to contact our experts at Globalia!