My WordPress Site Has Been Hacked – WHAT TO DO?!?

Chrome Warning

Google Chrome indicates that your WordPress site “contains harmful programs” or “contains malware” when any page is opened. This means that Google has crawled your site and found embedded code that could cause harm to the passing web surfer. Your site has been hacked by someone who has changed files to meet their malicious intent. The hacker may have done it using a trojan plugin or may have gained access to your wpadmin or ftp account.

What Should You Do

There are some free WordPress plugins available that will scan and fix malicious files. The following sections provide more detail for this list of Things to Do:

  1. change your webserver ftp password
  2. change your wpadmin password
  3. delete unknown WordPress Administrator users
  4. install the plugin Anti-Malware from GOTMLS.NET
  5. install the plugin Wordfence
  6. run the Anti-Malware scans and Address Issues
  7. run the Wordfence scans and Address Issues
  8. address any issues
  9. notify Google of your changes

Run the Anti-Malware scans and Address Issues

  1. run the WP_Core Quick Scan
  2. run the Plugins Quick Scan
  3. run the Themes Quick Scan
  4. run the Complete Scan
  5. choose ‘Fix Issues’ if the scan identifies a threat
  6. repeat over several days to ensure the threat does not reappear.
  7. if threats reappear, pay attention to plugins or themes that reappear and disable then delete those
  8. clear the quarantine created by the Anti-Malware plugin
  9. delete any plugins that WordFence indicates as no longer supported

Run the Wordfence scans and Address Issues

  1. turn on ‘scan themes files against repository versions for changes’. Visit wpadmin > Wordfence > Options
  2. turn on ‘scan plugin files against repository versions for changes’. Visit wpadmin > Wordfence > Options
  3. run ‘Start a Wordfence Scan’. Visit wpadmin > Wordfence > Scan
  4. browse the Scan Summary and validate the scan results.
  5. view the New Issues and address each one as follows:
  6. Allow Wordfence to Repair any core files that are identified as changed. Unless you are changing WordPress core code, you don’t want custom files.
  7. Allow Wordfence to Delete any unknown files identified as containing malicious code. If it isn’t in the inventory, your site won’t need it.
  8. If you modified a theme (example: changed a style.css file), indicate that Wordfence should ignore this issue.

Notify Google

Register your site in Google’s WebMaster tools. Visit https://www.google.com/webmasters/tools/dashboard
Check the WebMaster Tools Security Issues tab. Follow the instructions to tell Google to remove your sit from their list.

Conclusion

Your site has been hacked. Using the 2 free plugins Anti-Malware and Wordfence, you can scan and fix files that now contain malicious content. Mission accomplished!

Favorite WordPress Plugins

Wordpress-logo-simple
The WordPress Plugin is one of the most important features of WordPress. They allow you to extend the capabilities of WordPress. With a Plugin, you can evolve your site as you decide to apply new features. You can even resuscitate your site if it is in need of some sprucing up. It only takes a few Plugins to make your site even more useful than the standard WordPress site.
… Read More!

Monitize your WordPress Site

Wordpress-logo-simple


There are several tactics you should take to make money from your WordPress site. If your site is a blogging site or a site that provides some type of information, you need to get visitors and then sell ads. There are many methods, but, these are the easiest and best tools (and FREE (except when you run out of free advertising)) :
… Read More!