Malware on WordPress
We recently had a client contact us about a WordPress website they were not able to log into. They said “I think my website was hacked!” and asked us to troubleshoot and repair the site. On our initial inspection we discovered not only could they not log in but the entire site was down. What exactly is a “Hacked Website“?
WordPress is very popular and this popularity makes it a prime target for hackers and spammers. Sometimes the efforts of spammers are successful yet not really damaging but sometimes the results are devastating and can cripple your website. Regardless of how invasive the attacks are, they all cause huge problems for the owner of the website. There are some effective modifications you can make on your WordPress website to make it more secure and protect it from the people with bad intentions. Read our Website Protection Tips to learn more about how to lock down your site.
What To Do When You Realize…
My Website Was Hacked
First, don’t panic. Slow down and resist the urge to start trying different things to try and fix the problem. Often you will make things worse.
How We Fixed This Website
After getting access to their hosting provider (whom shall remain nameless) we set up a new FTP account. When we looked at the files there were numerous .PHP files that had been renamed with the suffix .suspected. We tried renaming the plugins folder but that made no difference. We ended up deleting everything on the site except the wp-contents folder and the wp-config.php file. Then we uploaded a fresh WordPress installation.
Next we added the plugins back in 1 at a time with the exception of one folder which was named “normalstiil” that was in the plugins folder. The client didn’t recognize the name and it turned out to contain a file named bouncer that was infected with a virus.
Back In Business
The end result is that we were able to get the site back up and operational without losing any of the clients’ data. If you manage your own WordPress website you should review your site on a regular basis.
If you don’t have time or the inclination to take care of your website, check out our Website Management page.
This particular website had a ton of spam in the comments which we deleted and then turned comments off.
There were also several posts the client didn’t make. This further emphasizes the need to monitor your site regularly.
If you have any questions or would like additional information, please Contact Us.