I received an email from my brother this morning…
My sites got hacked, they added 20+ new users to WordPress and changed my password so I couldn’t log into /wp-admin. I had to restore an earlier backup of the database and change my username and passwords for my admin account. I had no idea it had happened until I decided to post a new blog entry and couldn’t log in.
I host several websites, for the most part they are based on the WordPress CMS, and hearing about hacking is not uncommon. Apart from the initial glut of fear that happens to website owners when it’s first discovered, I’ve experienced it to be simple to deal with – if you have the right tools.
Here’s how my brother dealt with his immediate WordPress Hack problem:
use your cPanel access to check your SQL database for any unwanted user accounts This article is for those who have phpMyAdmin access to their database.
- Log in to cPanel, then go to phpMyAdmin.
- click on the database on the left and that list will change to show the wp_**** tables etc.
- Click on wp_users and make sure you only have your own username in there.
Obviously once you have protected your site databases, you need to lock down on the scripts injected into your site. Vivek R, has posted a great article on how to detect and scrub this malware from your WordPress website.
Here is three step method to remove malicious code or unwanted back links from nulled or Free WordPress themes and plugins that are downloaded outside WordPress repository.
I’ve used Exploit Scanner on client websites, and it’s certainly helped reassure me of my housekeeping awareness when looking after other people’s websites. Most people are uncomfortable only because they don’t know what to expect, or how to deal with things such an event. Even Facebook made headlines yesterday with admitting a Trojan hack.
The recent hack on Facebook was traced back to one infected website called iPhoneDevSDK.com, but now it seems there may have been up to three infected websites involved.