How to Fix a Hacked WordPress Site

How to Fix a Hacked WordPress Site


This is a lesson I wish I couldn’t give.  I wish I knew nothing about the how’s and what-to-do’s of website hacking like the good old days…those days until I got a crash course when LivingIF went down. Here are the ins-and-outs of why hackers hack WordPress websites and what I did to get us back up. Don’t want it to get hacked?  Take these hacker evading steps!



I got hacked because I’m awesome and hackers are a**holes.  OK, neither is necessarily true.  Hacking is generally an impersonal crime with the simple goal of adding my web server to a hacker’s computing arsenal.  Targeting blogs or personal computers is just a means to an end: the more computers like mine they hav,e the more likely they’ll be successful in future, presumably for-profit, attacks.

Why target WordPress?  It’s amazingly popular, powering an estimated one in six websites….that’s a target worth aiming for!



Luckily for us, most hackers try to plant “backdoors” in the same places.  These backdoors allow them to access a site or servers without logging in and do as they please.  It goes without saying that this can create a mess, a mess so large I’m going to lay it out there: it may require completely reinstalling a website from a backup.  Hopefully though that isn’t the case, ideally one these simple steps that got me back online can be a solution for you.

1.  Contact your hosting provider. The hack may be affecting more than just your site and they may know what to look for with their specialized tools.  HostGator, our host, did such a search and removed several files for us.

2.  Change passwords. Do this for your WordPress site, FTP, and host’s contol panel (i.e. cPanel).

3.  Change secret keys. Even if you change your passwords hackers could still be logged in, changing your secret keys will kick them out.  Read how to do it here, it’s way easier than it looks!

4.  Deactivate all plugins…then reactivate, one-by-one. It is possible the hack is in a plugin, if that is the case it’s easy street!  After reactivating each plugin, refresh your browser to see if you get signs of the hacker’s work (for me it was launching an iframe which directed traffic to someone’s Amazon Associates account).

5.  Search uploads folders for “.php” files.  There should be none.  Click here for great explanation of this one.

6.  Review WordPress “.php” files looking for anything that is a long string of symbols, most likely starting with “eval()” or “base64_decode()”.  I read that I needed to do this, but didn’t really understand the mission.  Quickly  I discovered a string of unitelligable code and skipped over it…bad move on my part…here’s the words from a programmer friend explaining why this was the problem:

Especially look into “wp-blog-header.php”, “wp-config.php” and “index.php” as these seem to be favorite hacker targets.

6. Enlist help. Read this tutorial to locate a backdoor.  Brush up on WordPress’ official “what to do if you get hacked guide.  Study up on how hackers create backdoors.  Or, look into this Hacker Removal guru, he’s available for hire to take out the bad guys!

The reality is that getting hacked is a huge waste of time and energy.  You may even have to call in a professional as there is no way us normal people can root all all the issues a hacker may cause.  That said, if you haven’t been hacked take these five simple steps to hacker-proof your website.

(Borrowed the hacking image and great tutorial on how hackers hack here).

Related Posts Plugin for WordPress, Blogger...


Sorry, comments for this entry are closed at this time.

About the Author

thinkCHUA: Photographing and documenting the world on a 3 year round-the-world trip to help future travelers discover new places, travel longer and enjoy the world's great experiences.

About the Author
thinkCHUA: Photographing and documenting the world on a 3 year round-the-world trip to help future travelers discover new places, travel longer and enjoy the world's great experiences.


Ouro PretoDaliIsrael HighlightsMonywaMalaysia HighlightsKutaTibet HighlightsDahabSukhothai and Si Satchanalai





Get traveling today with lessons from our travels to 50+ countries on all 7 continents. Bump along in buses, hike the hills, and swim the seas with us to discover the world's best destinations.

Like LivingIF to start living your IF today!

Press ¨Esc¨ key to close this window.