Get Your WordPress Restored After It Was Attacked
You're running a WordPress site and you think your site is clean and unhackable. Maybe, but unhackable site doesn't exist. You someday may found that your site - somehow - has been infected by malware and has been flagged by google. That would be disaster... This article will let you know how to get your WordPress restored step by step - easily. Your WordPress then will back to running clean & clear.
With new WordPress users, using a nulled theme/plugin or set too simple passwords may put their websites into danger. It may open a backdoor and let anonymous easily control your site. I usually see there common purposes:
- Frontpage was defaced with a warning message says that this site was hacked.
- Website silently sent scam emails or continuously spam and administrator never know about that.
- Website auto created/included advertising links (may contain prohibited content like scam content, gambling, selling drugs,...)
And if your site was in this situation, hosting provider will suspend your account, or if you're using VPS, your IP/domain will be put on the blacklist. Your site then will no longer be trusted and your positions in all search engines will be dropped down very quick. Google Chrome could even stop users to browsing your site in their browser.
Don't want your site to be put in that situation? Sure, everyone want keeps their sites out of that. Good recommendation is: Using legal softwares/scripts, set strong password, and you could use some script to help you increase security of your site. If you want to use share hosting, just choose providers use CloudLinux to prevent your neighbors throw something to your site.
Okay, so what should we do if we were hacked
In this situation, you may need some tools to help you clean your website out of malware and detect infected files. But, bad news is all those tools or servers are quite expensive. One of my favorite service to scanning WP site is Sucuri Antivirus, it would costs you at least 99$. And, trust me, you site may not completely clean after scan. Because those tools and services are not human, and they couldn't guarantee your site is 100% clean out of malware. The only remaining option is re-installing WordPress.
Re-installing is the best and only way to get your WordPress completely clean. It may complicated, but no worry, you won't lose your data. Most of your content will be stored on database and it could be inffected. So, you're fine to installed new site will old database. Just make sure that all your themes, plugins were installed and well-configured.
In this post, I will guide you how to make this done.
Get your WordPress restored step by step
Step 1: Install new WordPress
- Let's get started by install a brand new WordPress site on your host or your localhost. You can use a new domain name to make sure that your visitor on your (infected) domain won't be lost. And this will let you compare 2 websites to make sure your new install is works well.
- Login to your new site's FTP and open file name wp-config.php. Find the following code:
<?php: 01 02 define('WP_HOME','http://example.com'); define('WP_SITEURL','http://example.com');
- Then replace "example.com" with your site's address.
Step 2: Backup old database
Navigate to your hosting's PhpMyadmin, select the right database then export all inside data to a .sql file and download to your computer. If you host doesn't have phpMyAdmin, you can use BackWPUp plugin to backup your database.
Next, copy or move "uploads" folder inside "wp-content" directory to the new installed WordPress site. Please note that you just need content inside this folder, other files are not necessary. On shared hosting, you can use compress functions when you're using File manager to download all the files in a zip pack. That will save lots of time than copy files one by one.
Step 3: Insert old data into new WordPress site
Now, navigate to phpMyAdmin and find for new site's database. Click on Import button and upload the .sql file that you have just downloaded at step 1. If you have any error when trying to import data, just rollback by delete and create a clean database to make sure everything is the same with original site.
Please note that if you're using new prefix on new site (by default, it's wp_), you have to change the prefix setting in wp-config.php file. Just search for $table_prefix and replace wp_ with your defined prefix.
After the importing process is done, upload all image folders in original WordPress site to this new one to make sure none of those images were lost. You can check by navigate to Media -> Library all images & videos stored. If all data was showed up, then you're free to move on.
Step 4: Re-upload themes & plugins
You have moved all data to your new site, but it couldn't work without theme and plugins. Now is the time to upload theme and all (using) plugins. Please make sure that you upload the same theme and the same plugins with your original WordPress. After everything was uploaded, check to see if all the themes & plugins have been updated to latest version to make sure that all vulnerable were fixed.
Step 5: Move back to original domain
You have successfully installed new clean copy of your site, and now you have to make your original site clean too. There are two ways to make this done.
- Config your domain and get it point from old hosting/server to new one.
- Or you just need to logon your FTP, remove all files in old hosting account and uploads the clean scripts to this account.
Please replace the url in these 2 lines in wp-config.php file to direct your WordPress to the right URL:
Now you're done. Clear your cache and browse you site to see your is working well or not.
Say no to pirate sites those provided free but not safety materials. Set strong password and make sure all installed themes & plugins have updated to latest version. Then you will no longer have to worry about security of you site.